Webinar on PCI Compliance
Is PCI giving me a FALSE sense of security???
PCI certified organization - Does this mean that your data is completely secured?
The general perception of PCI is that "We are already PCI certified, therefore our data is secure!"
If yes, then how secure are you really?
Fraudulent credit card transactions have recently increased ten-fold. There seem to be two primary reasons: one is the increase in credit card usage by customers, and the other is the ever-increasing boldness of cybercriminals. A recent APACS study found that total debit and credit card spending was up in 2008 in terms of both value and volume, increasing 6.8% and 7.4% respectively. So it's no surprise that cardholders have come across increased security breaches and that compromised cardholder data has also increased sharply. At the same time, all of the major credit card vendors claim that they are PCI certified.

Why do the customers claim that their credit card information is stolen?
This is happening even though the requirements for PCI standards are well established and are implemented worldwide by almost all the payment card industries. They keep assuring customers that they are secure. But cybercriminals are also more skilled and are becoming increasingly successful at finding ways to access your data. It seems that every day we read about more breaches being exposed.

In this Webinar we will discuss the overall threat landscape, challenges, best practices, recommendations and opportunities associated with PCI Compliance. We will also examine some popular assumptions and test the validity of each of those assumptions:

The common myth – "Our Site is SAFE because..."
One vendor or product will make us compliant
Outsourcing card processing makes us compliant
PCI compliance is solely an IT project
We don't process enough transactions to warrant compliance
We have firewalls in place
We are already certified PCI compliant
We use vulnerability scanners
We use SSL encryption

What about these often repeated assertions?
PCI will make us secure
PCI is unreasonable; it requires too much effort; and is way too costly
PCI requires us to hire a Qualified Security Assessor (QSA)
We completed a SAQ, so we're compliant
Security services generally serve the interests of customers better than tools, but are expensive
With the right tools security services are an unnecessary luxury