Can PCI Compliance be Harmful to Your Security Initiative?

Presented by

Ken Swain – Engagement Manager and Senior Security Engineer, HP

About this talk

Can PCI Compliance be Harmful to Your Security Initiative? Understand and Navigate Compliance in the Real World: PCI Compliance is necessary, but can it be harmful to your security? Does the prescriptive nature of the PCI regulations make enterprises spend money on controls that might be handled in a different way? Could this also cost the enterprise in capital and operational dollars that might be spent elsewhere? PCI Council General Manager Bob Russo's has defined PCI Compliance as a structured "blend...[of] specificity and high-level concepts" that allows "stakeholders the opportunity and flexibility to work with Qualified Security Assessors (QSAs) to determine appropriate security controls within their environment that meet the intent of the PCI standards." The question is how do you define and create the right structured blend for your organization? This webinar will help you to understand the difference between meeting a regulation and executing on a well-defined and successful Software Security Assurance program. Attendees will gain an understanding of common pitfalls in navigating the compliance focused enterprise and walk away with directives on how to create a secure environment while maintaining compliance.

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (1370)
Subscribers (42895)
Increasing expectations for good data governance, effective risk management and complex demands for legislative and regulatory compliance are presenting a growing challenge for organizations of all sizes. Tune in to live and recorded presentations by respected luminaries in the fields of governance, risk and compliance for insights on how to implement successful GRC strategies and processes for your organization.