Hi [[ session.user.profile.firstName ]]

Getting PCI Compliance Right: Going Beyond the Audit Checklist

If over a third of the PCI DSS requirements target IT configuration controls that can be monitored, and retailers regularly pass audits, why do data breaches still occur? They still occur because just passing the audit isn’t enough.

Too many retailers continue to treat PCI DSS complianc
If over a third of the PCI DSS requirements target IT configuration controls that can be monitored, and retailers regularly pass audits, why do data breaches still occur? They still occur because just passing the audit isn’t enough.

Too many retailers continue to treat PCI DSS compliance as a project focused on passing the audit—a single-point-in-time event that relies on checklists to get them into that compliant state. Despite the fact that retailers pass PCI audits, breaches continue to occur with great regularity. Clearly this checklist approach to securing cardholder data is not working. So how can you ensure that when customers do business with you, their credit card data is secure?

In this webcast Dave Taylor of PCI Knowledge Base joins Tripwire’s Ed Rarick to discuss how mechanically following the PCI checklist and passing your audit can lull you into a false sense of security. They’ll present a solution that can help you truly — and continuously — secure customer credit card data.

Join us to hear:

* The state of cardholder data breaches today.
* Why compromised configuration controls can go undetected for months, even when retailers passed their PCI audit and they were using monitoring solutions.
* How retailers can automatically monitor over a third of the configuration controls required by the PCI DSS to attain and sustain PCI compliance.
* Case studies describing how three retailers have effectively secured their corporate datacenters and in-store infrastructures.

Register today to learn how you can achieve and sustain PCI compliance, pass your audit and give your customers the confidence they need to do business with you.
Recorded Aug 13 2009 60 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Dave Taylor of PCI Knowledge Base joins Tripwire’s Ed Rarick
Presentation preview: Getting PCI Compliance Right: Going Beyond the Audit Checklist
Recommended for you:
  • Date
  • Rating
  • Views
  • How do you reveal unknown risks on your network and enforce your security and compliance policies? What’s required to reduce your attack surface, detect and block advanced threats and rapidly respond to security breaches? Good Questions!

    Join us and learn the answers to these real-world problems and discover how ForeScout and FireEye’s joint solution reduces the threat landscape and automates security management and response, allowing you to:
    · Identify devices—including Internet of Things endpoints—the instant they connect to your network
    · Quickly detect advanced threats
    · Scan for indicators of compromise (IOCs)
    · Contain infected endpoints and automate threat response
    · Limit malware propagation and break the cyber kill chain

    Register today and learn to improve your company’s defenses against advanced threats and automate threat response!

    ---
    Speakers:
    Michael Resong, FireEye Director, Technology Alliances
    Michael has been with FireEye since April 2013. Before joining Technology Alliances, he led various systems engineering and architect teams at FireEye. Prior to FireEye, Micheal performed numerous systems engineering and management functions at McAfee, Secure Computing, Network Appliance and other leading technology companies.

    Amy De Salvatore, ForeScout Senior Director, Strategic Alliances
    Amy currently manages a team focused on a discreet portfolio of technology and go-to-market partners. As one of ForeScout’s top strategic partner liaisons, Amy manages the FireEye alliance, and is responsible for all development, marketing, engagement and delivery aspects of the relationship.
  • Josh Downs, BrightTALK's Information Security Community Manager breaks down 3 must-watch webinars from February's Data-driven Security Summit:

    3. Business-lead and Threat-Focused Cyber Risk Management - Chris Verdonck, Global Cyber Strategy & Peter Wirnsperger, Cyber Risk Services, Deloitte

    2. Making Vulnerability Management Sexy, Again! - Amar Singh, Chair of ISACA's UK Security Advisory Group

    1. (mis)Adventures in Data-driven Security: How to Avoid Tragedy & Engineer Success - Nik Whitfield, CEO, Panaseer

    To attend any of the above, see the URLs in the attachments.

    For more insights, follow Josh on @BrightTALK_Josh
  • The Pentagon reports 10 million cyberattacks daily. Federal, state and local government agencies need to safeguard information and maintain control when addressing internal mandates for cloud migration. Do you know how many attacks you are experiencing on a daily basis? Do you know where those attacks are coming from? How long they have been in your environment?

    While there is no silver bullet to combating either external or internal cyberattacks, there are steps you can take to build a defense strategy to protect your agency. Beyond just detecting attacks, you need to build up your defenses and take the necessary steps to protect your data and applications.

    In this session, we will discuss how you can leverage the Microsoft Enterprise Mobility Suite to help:
    1. Monitor behavior on your internal network and detect abnormal behavior
    2. Identify authentication irregularities from your users
    3. Protect applications using two-factor authentication
    4. Restrict access to confidential data
  • The Pentagon reports 10 million cyberattacks daily. Federal, state and local government agencies need to safeguard information and maintain control when addressing internal mandates for cloud migration. Do you know how many attacks you are experiencing on a daily basis? Do you know where those attacks are coming from? How long they have been in your environment?

    While there is no silver bullet to combating either external or internal cyberattacks, there are steps you can take to build a defense strategy to protect your agency. Beyond just detecting attacks, you need to build up your defenses and take the necessary steps to protect your data and applications.

    In this session, we will discuss how you can leverage the Microsoft Enterprise Mobility Suite to help:
    1. Monitor behavior on your internal network and detect abnormal behavior
    2. Identify authentication irregularities from your users
    3. Protect applications using two-factor authentication
    4. Restrict access to confidential data
  • The Pentagon reports 10 million cyberattacks daily. Federal, state and local government agencies need to safeguard information and maintain control when addressing internal mandates for cloud migration. Do you know how many attacks you are experiencing on a daily basis? Do you know where those attacks are coming from? How long they have been in your environment?

    While there is no silver bullet to combating either external or internal cyberattacks, there are steps you can take to build a defense strategy to protect your agency. Beyond just detecting attacks, you need to build up your defenses and take the necessary steps to protect your data and applications.

    In this session, we will discuss how you can leverage the Microsoft Enterprise Mobility Suite to help:
    1. Monitor behavior on your internal network and detect abnormal behavior
    2. Identify authentication irregularities from your users
    3. Protect applications using two-factor authentication
    4. Restrict access to confidential data
  • A discussion on the current state of advanced threat protection and incident response preparedness that will include both highlights from Arbor's Worldwide Infrastructure Security Report (WISR) as well as original research by Arbor's Security Engineering & Response Team (ASERT). The WISR is a global survey of security professionals, highlighting the key trends in the threat landscape along with the strategies network operators adopt to address and mitigate them. We’ll also provide a deep understanding of two attack campaigns discovered by ASERT. One multi-stage attack campaign was focused on government organizations and a second was focused on financial services organizations.

    This session will cover:

    • The primary challenges facing security teams with emphasis on the balance between technology, people and process.

    • Insight into attack campaigns happening on the broader Internet and an understanding of why it is critical to connect that activity to conversations on internal networks.

    • How businesses are adapting and changing their threat detection and incident response to reduce risk posture
  • As recently reported in the WSJ, 1% of users represent 75% of cybersecurity risk. We know, we were surprised too. This and other shocking truths about the causes and consequences of cloud vulnerabilities are uncovered in our latest cybersecurity report - gathered from our findings across over 10 million users, 1 billion cloud assets, and 91,000 unique apps.

    Get the inside scoop in our webinar where you’ll learn what it all means directly from our customer insights and data guru, Ayse Kaya Firat:

    – Top cloud cybersecurity trends that fly under your radar
    – What the distribution of cloud cybersecurity risk means for your ability to act on it
    – Three key security skills you should master for an immediately safer cloud environment
  • Whether you are building an incident response program from scratch or expanding an existing security operations centre you need to ensure it is aligned to helping you build a better cyber defence centre. The services team at Mandiant have gained experience responding to hundreds of computer security incidents every year and with this knowledge we would like to take a few minutes to discuss how you can develop your organisation’s full portfolio of technical, organizational and administrative capabilities to effectively protect themselves against advanced threat actors.
  • Cloud adoption in higher education is greater than in any other industry, with 83% using Google Apps or Office 365. As universities move from on-premise to public cloud apps to meet the need for modern collaboration tools and the increasing demand for BYOD, IT leaders are increasingly aware of the security risk to sensitive research data and student personal information.

    In this webinar will discuss the unique security issues of higher education including faculty file sharing and employee BYOD.
  • Join the Informatica Cloud product team to see the new Informatica Cloud platform in action and find out what's new in the Winter Release of Informatica Cloud and explore all the key capabilities.
    The Winter release of the Informatica Cloud is packed with many rich functionalities, with a continued focus on self-service and ease of use. Updates include:
    •Enhanced Cloud Mapping Designer
    •Greater Data Masking transformation capabilities
    •Platform enhancements for REST API, Cloud Test Data Management, secure agent and Real-time processes
    •New connector capabilities for Salesforce Marketing Cloud, Microsoft Azure Data Lake, Microsoft DocumentDB, SAP Concur V2, JD Edwards, Zendesk and more!
    •Enhanced connectors for Tableau, NetSuite, Amazon, Oracle, Microsoft, Marketo, Workday, Zuora and others
    •And so much more!

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Getting PCI Compliance Right: Going Beyond the Audit Checklist
  • Live at: Aug 13 2009 4:00 pm
  • Presented by: Dave Taylor of PCI Knowledge Base joins Tripwire’s Ed Rarick
  • From:
Your email has been sent.
or close
You must be logged in to email this