In the latest weekly update, ISMG editors discuss how organizations can comply with the new PCI DSS 4.0 requirements, whether other countries should follow the U.S. lead on legislating software bills of materials, and key strategies for CISOs preparing for an economic downturn.
Software point of sale or SoftPOS is a groundbreaking technology that allows businesses to accept card payments directly on their devices without requiring any additional software. As this payment method gains widespread adoption, what does it mean for the security of our payments systems?
The PCI Security Standards Council on Thursday released the Payment Card Industry Data Security Standard version 4.0. The latest version's improvements are intended to counter evolving threats and technologies, and the new version will enable innovative methods to combat new threats.
As new payment trends emerge, such as the surge in ecommerce during the COVID-19 pandemic, payment card standards also must change, says Jeremy King of the PCI Security Standards Council, who will be a featured speaker at ISMG's Virtual Cybersecurity and Fraud Summit: London on Oct. 20.
The need for enhanced business agility and secure remote access to support digital transformation has led to the adoption of the security access service edge, or SASE, model, says Rajpreet Kaur, senior principal analyst at Gartner.
Jeff Schilling, global CISO at Teleperformance, a Paris-based company offering digitally integrated business services worldwide, describes four principles for mitigating security risks for the remote workforce during the COVID-19 pandemic.
Troy Leach of the PCI Security Standards Council discusses how the shift to card-not-present transactions during the COVID-19 pandemic has created new fraud-fighting challenges and offers an update on pending standards revisions.
The latest edition of the ISMG Security Report offers an in-depth analysis of whether Instagram is doing enough to protect the contact information of minors. Plus: Compliance updates on GDPR and PCI DSS.
Many companies around the world that accept card payments are failing to continually maintain compliance with the PCI Data Security Standard, according to the new Verizon 2019 Payment Security Report. Verizon's Rodolphe Simonetti, who contributed to the report, explains the findings.
In December, PCI SSC plans to publish a new standard for solutions that enable "tap and go" transactions on merchant smartphones and other commercial off-the shelf mobile devices. Troy Leach, the council's CTO, offers insights on the role the standard will play in enhancing security for smaller merchants.
The latest edition of the ISMG Security Report offers an in-depth analysis of how to prevent data exposure in the cloud. Plus: why PCI's new contactless payment standard lacks PINs, and how to go beyond the hype to accurately define "zero trust."
Data breaches, incident response and complying with the burgeoning number of regulations that have an information security impact were among the top themes at this year's Infosecurity Europe conference in London. Here are 10 of the top takeaways from the conference's keynote sessions.
An essential component of protecting payment information is devaluing the data that is transmitted so it's of no use to hackers, says Lance Johnson, executive director of the PCI Standards Security Council.
A closely held type of point-of-sale malware, DMSniff, is spreading further while another, GlitchPOS, has also emerged. Despite a surfeit of stolen payment card details on the black market, efforts to steal more continue, highlighting the continuing challenges around card security.