Getting PCI Compliance Right: Going Beyond the Audit Checklist

Presented by

Dave Taylor of PCI Knowledge Base joins Tripwire’s Ed Rarick

About this talk

If over a third of the PCI DSS requirements target IT configuration controls that can be monitored, and retailers regularly pass audits, why do data breaches still occur? They still occur because just passing the audit isn’t enough. Too many retailers continue to treat PCI DSS compliance as a project focused on passing the audit—a single-point-in-time event that relies on checklists to get them into that compliant state. Despite the fact that retailers pass PCI audits, breaches continue to occur with great regularity. Clearly this checklist approach to securing cardholder data is not working. So how can you ensure that when customers do business with you, their credit card data is secure? In this webcast Dave Taylor of PCI Knowledge Base joins Tripwire’s Ed Rarick to discuss how mechanically following the PCI checklist and passing your audit can lull you into a false sense of security. They’ll present a solution that can help you truly — and continuously — secure customer credit card data. Join us to hear: * The state of cardholder data breaches today. * Why compromised configuration controls can go undetected for months, even when retailers passed their PCI audit and they were using monitoring solutions. * How retailers can automatically monitor over a third of the configuration controls required by the PCI DSS to attain and sustain PCI compliance. * Case studies describing how three retailers have effectively secured their corporate datacenters and in-store infrastructures. Register today to learn how you can achieve and sustain PCI compliance, pass your audit and give your customers the confidence they need to do business with you.

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (65)
Subscribers (1786)
Tripwire’s powerful IT security and compliance automation solutions help businesses and government agencies take control of their IT infrastructure.