Getting PCI Compliance Right: Going Beyond the Audit Checklist

Presented by

Gavin Millard, Technical Director - International, Tripwire

About this talk

If over a third of the PCI DSS requirements target IT configuration controls that can be monitored, and companies regularly pass audits, why do data breaches still occur? Just passing the audit isn’t enough. Too many companies continue to treat PCI DSS compliance as a project focused on passing the audit—a single-point-in-time event that relies on checklists to get them into that compliant state. In spite of passing PCI audits, breaches continue to occur with great regularity. Clearly this checklist approach to securing cardholder data is not working. So how can you ensure that when customers do business with you, their credit card data is secure? In this presentation we will discuss state of cardholder data breaches today, how mechanically following the PCI checklist and passing your audit can lull you into a false sense of security, and solutions that can help you truly—and continuously—secure customer credit card data.

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (65)
Subscribers (1786)
Tripwire’s powerful IT security and compliance automation solutions help businesses and government agencies take control of their IT infrastructure.