Does PCI Compliance Help or Hurt Migration to the Cloud?

Michael Dahn, PCI Compliance Analyst
The number one question on peoples' minds is: Can I be PCI Compliant in the Cloud? Organizations are planning millions of dollars on migrating to a variety of public/private cloud combination's and the lingering question is how compliance will impact these plans.

The information in the public domain is rather sketchy on how PCI compliance will impact a migration to the cloud. This presentation will cover the various implementation of cloud computing including: Platform, Infrastructure, and Application as a service models. A key component of PCI DSS compliance is the relationship with third parties and as such we will also discuss the variance of compliance with public and private clouds.
Sep 9 2010
39 mins
Does PCI Compliance Help or Hurt Migration to the Cloud?
Join us for this summit:
More from this community:

IT Governance, Risk and Compliance

  • Live and recorded (3495)
  • Upcoming (84)
  • Date
  • Rating
  • Views
  • Channel
  • Channel profile
  • How to Assess and Manage Your Cyber Risk May 27 2015 5:00 pm UTC 60 mins
    Stephen Cobb, Senior Security Researcher, ESET
    Information technology brings many benefits to a business, but it also brings risks. Knowing how to assess and manage those cyber risks is essential for success, a powerful hedge against many of the threats that your business faces, whether you are an established firm or pioneering startup. ESET security researcher Stephen Cobb explains how cyber risk assessment and management can work for you.
  • How Bad Can Zero Days Get? May 27 2015 5:00 pm UTC 45 mins
    Robert Hansen, VP of WhiteHat Security Labs
    Are you giving the adversary unintended access through vulnerabilities in your system?

    By only having one method of finding vulnerabilities or one way of mitigating them, the chances of the adversary getting through are increasingly high. This webinar will walk you through the current threat landscape, how vulnerabilities can be found, and how to mitigate control.

    In this webinar you'll learn:

    - What types of assessments work at which points in the software development lifecycle.
    - What is the most popular way to deploy a WAF and why that's not a good idea as a single method of defense.
    - Why finding and fixing your vulnerability isn't actually good enough.
  • When Do Managed Security Services Make Sense? May 27 2015 5:00 pm UTC 45 mins
    Guest Speaker: Ed Ferrara, Principal Analyst, Forrester Research, Mark Stevens, VP Global Services, Digital Guardian
    The importance of protecting sensitive data is gaining visibility at the C-level and the Boardroom. It’s a difficult task, made even more so by the shortage of security experts. One option that more and more companies are pursuing is the use of managed security services. This can enable them to employ sophisticated technologies and processes to detect security incidents in a cost-effective manner. Should managed security be a component of your security mix?

    In this webinar, Ed Ferrara of Forrester and Mark Stevens of Digital Guardian will discuss:

     When does it make sense to utilize managed security services

     How to the scope the services your company contracts out

     Questions to ask when evaluating managed security services providers

     The key criteria for selecting managed security providers
  • All About the Base: Test Drive FortiGate-VMX from Hypervisor and up May 27 2015 4:00 pm UTC 45 mins
    Cynthia Hsieh, Director of Product Marketing, Cloud and SDN product, Fortinet.
    Server virtualization is a mature technology. More than 70% of all x86 architecture workloads are running in VMs on top of hypervisors. With the increase in virtualization of mission critical workloads plus clustering and high availability, it’s more challenging than ever to get the visibility and dynamic rule settings for North-South and East-West traffic. In this session, no future hype, learn what is happened today with FortiGate-VMX use cases to secure all of your hypervisors and provide a real-world agility traffic testing using Ixia Breakingpoint for the proof.
  • Human-Centered Design and Data Science May 27 2015 3:00 pm UTC 45 mins
    Dean Malmgren, Partner and Data Scientist, Datascope Analytics
    When you hear someone say, “that is a nice infographic” or “check out this sweet dashboard,” many people infer that they are “well-designed.” Creating accessible (or for the cynical, “pretty”) content is only part of what makes good design powerful. The human-centered design process is geared toward solving specific problems. This process has been formalized in many ways (e.g., IDEO’s Human Centered Design, Marc Hassenzahl’s User Experience Design, or Braden Kowitz’s Story-Centered Design), but the basic idea is that you have to explore the breadth of the possible before you can isolate truly innovative ideas.

    In this talk, I'll share some lessons we've learned from the human-centered design process and how those lessons can be used by other data science practitioners.
  • SIEM Roadmap 2015 May 27 2015 3:00 pm UTC 30 mins
    Tom Clare, Director, Arctic Wolf
    Security event management continues to evolve as data breaches put more pressure on detective defenses providing continuous monitoring. Many companies have invested strongly in preventive defenses to stop attacks before they infect. Now the game changes to detecting the unknown and this requires scale and performance of SIEM solutions with increasing context for depth and visibility in the hands of security experts with an analytics mindset. Not everyone can play on this field, learn your options.

    Attendees will learn:
    - SIEM architecture changes for visibility
    - Increasing complexity of data analytics to explore
    - SIEM taxonomy and trade-offs between generations
    - Analyst recommendations & best practices
    - Why resources are key to SIEM success
  • Addressing Challenges in Securing the Software Defined Data Center Recorded: May 27 2015 36 mins
    Claudio Salmin, Fortinet Consulting Systems Engineer
    Data center security is being reshaped by virtualisation, consolidation, and promising new technologies such as Software Defined Networking (SDN).
    The adoption of the SDDC brings new challenges such as inspecting East-West traffic without the need to compromise on all the benefits of today's physical appliances.
  • A Best Practice Blueprint for eGRC Recorded: May 26 2015 62 mins
    Brandon Dunlap (Moderator); Renee Murphy, Forester; Mike Rost, MetricStream; Vivek Shivananda, Rsam.
    With the increased regulation and scrutiny of the past decade, it is important for organizations to implement best practices in order to maintain control and achieve compliance with evolving regulatory requirements.

    Compliance teams of the brave new world are set up to discuss risks with the key business leaders, and have sufficient resources to ensure company compliance programs are implemented effectively. Their software applications for managing enterprise governance, risk management, and compliance (eGRC) continue to mature with impressive features and functions, and they are making notable strategic advances by linking these three business functions for more informed decision-making, to reduce risk exposure, lower audit costs, and demonstrate compliance.

    To replicate similar success in your eGRC program, you will need to focus on selling GRC value, practicing good GRC project management, and embedding GRC into corporate culture. Join this educational panel webinar as our experts delve deeper into this, and identify the best practices for implementing an eGRC program in 2015.
  • DDoS Attacks Are a Serious Threat to U.S. Companies, Not for Reasons You'd Think Recorded: May 26 2015 30 mins
    Margee Adams, Director of Product Marketing, Neustar
    Neustar, in its annual DDoS Attacks Report shares critical DDoS trending data from real companies from across industries. Learn how companies are ramping up DDoS protection tactics and why.
  • Top 5 Cloud Data Loss Disasters of 2014 Recorded: May 26 2015 37 mins
    Trace Ronning, Content Marketing Manager, eFolder
    With companies adopting SaaS applications more rapidly than ever before, the risk of cloud data loss has also risen. As many as 40% of companies that use cloud based applications have reported data loss since 2013, according to reports from the Aberdeen group and Symantec – but until cloud data disasters hit home, businesses tend not to prioritize cloud data backup.

    In this BrightTALK-exclusive webinar, you’ll learn about the biggest cloud data losses of the year, and how to make sure they don’t happen in your organization.
  • POS Attacks Persist: Fight Back with 5 Key Defense Strategies Recorded: May 26 2015 42 mins
    Ken Dang, Product Marketing Manager, Dell Security
    2014 was a year pack with hacker attacks on payment card infrastructures but we’re not out of the woods yet. Dell’s threat research team have regularly observed new active pieces of advanced Point-of-Sales (POS) malware in 2015. Why so many retailers still soft targets? For cyber criminals, retail is where the money is. The possibility of spiriting away and selling thousands or millions of credit card details and chunks of consumer information is powerful incentive.
  • Real Customer Successes: Business Transformation through Information Governance Recorded: May 26 2015 61 mins
    Barclay T. Blair, Executive Director and Founder, Information Governance Initiative; Stephen Ludlow, Director, Product Market
    Successful Information Governance enables organizations to take control of their information, ensure compliance, reduce costs, and ultimately achieve greater profitability. Watch the webinar on demand, Real Customer Successes: Business Transformation through Information Governance, to hear expert insights on how real-world customers have successfully leveraged Information Governance programs.
    Barclay Blair of the Information Governance Initiative and OpenText's Stephen Ludlow discuss how customers have successfully implemented Information Governance programs that streamline processes, increase productivity, and reduce costs to transform their businesses. You’ll learn:
    •How leading organizations have been able to amplify the value in their information
    •How to measure the success of an Information Governance implementation
    •What drivers lead customers to implement an Information Governance program
  • Expert Speed Round: 7 CEM Trends in 40 Minutes Recorded: May 26 2015 58 mins
    Marci Maddox, OpenText, Kim Celestre, Forrester and a panel of experts
    If you’re not engaging your customers, you could be losing them. Last year alone, 66 percent of global customers switched service providers due to poor customer experience—up 4 percent from the previous year, according to Accenture. They estimate that this “switching economy” puts $5.9 trillion up for grabs globally every year. That’s a large sum to leave up to chance!

    Register for the virtual roundtable, Expert Speed Round: 7 CEM Trends in 40 Minutes, to hear experts discuss Walters’s observations and answer pressing questions around how to succeed in Customer Experience Management.

    Panelists:
    Marci Maddox, OpenText
    Kim Celestre, Forrester
    Scott Marshall, Amerisource Bergen
    Roopesh Nair, Sapient Nitro
    Leo Mindel, Sotic Digital Sports Agency
  • How to Reshape Customer Conversations through Real-Time Customer Engagement Recorded: May 25 2015 50 mins
    Omer Minkara, Research Analyst, Aberdeen Group; Robert Thiele, Senior Director of SAP Corporate Alliance, OpenText
    According to Aberdeen, 50% of businesses say managing consistent customer experiences continues to be a top challenge. Today’s buyers demand higher levels of personalization with each interaction they have with a company. Customer Communications Management (CCM) can help personalize communications by capturing customer requirements on-the-go.

    Watch the webinar on demand, Reshape Customer Conversations through Real-time Customer Information, to learn about:
    - Business value of managing consistent and timely customer interactions
    - Best practices to ensure consistency of customer messages across your business
    - The growing role of content in delivering personalized customer experiences
  • Top 5 Trends in Information Governance Recorded: May 25 2015 65 mins
    Cheryl McKinnon, Principal Analyst, Forrester Research, Inc.; Liz Kofsky, Product Marketing Director, OpenText
    To keep up with soaring volumes of information, A strong Information Governance program is no longer a nice-to-have: It’s a must have. View Part 1 in the information governance webinar series, 5 Top Trends in Information Governance, to hear expert insights into the current state of information management, including investment priorities, technology adoption trends, and the top challenges facing enterprise decision-makers. Join guest speaker Forrester analyst Cheryl McKinnon and Liz Kofsky from OpenText as they discuss the findings from Forrester’s latest recent research in records management, information governance, enterprise content management (ECM) and archiving trends.
    You’ll learn:
    •The latest trends in information management
    •How to overcome the top information governances challenges facing organizations
    •Where to start your information governance program and how to get to successful information management
  • Large Scale, High Performance Visibility Plane for Cloud and Web Service Recorded: May 21 2015 48 mins
    Gordon Beith, Director of Product Management
    This webinar will describe the challenges faced by cloud and web service providers when attempting to monitor, manage, and troubleshoot across large data centers and networks, whether fully owned or hosted. It will describe the benefits of using a unified visibility plane as the solution to address these challenges, in a cost-effective and streamlined manner, whether it is for security, performance, and/or troubleshooting purposes.
  • Preventing Threats using Machine Learning, Contextualization and Predictability Recorded: May 21 2015 36 mins
    David Dufour, Senior Director of Security Architecture, Webroot
    With the rapidly accelerating nature of attacks on network infrastructure and software systems approaches such as static block lists, manual policy configurations and other current prevention techniques have become outdated. Through the use of distributed computing, contextualization and machine learning it is possible to build tools that analyze data across multiple threat vectors allowing for the development of predictive algorithms and a greater understanding of an organizations threat landscape. We will walk through common machine learning techniques, discuss contextualization, how predictive logic works and see a demonstration of contextualized threat intelligence.
  • How Fraudsters Steal Identities Recorded: May 21 2015 53 mins
    Fred Crawley, Managing Editor, Credit Today and David Pope, Marketing Director, Jumio
    This webinar will explore the methods criminals use to perpetrate fraud and steal identities and what you can do to secure your business without taking a hit on transaction completion and revenue.

    We'll cover:

    1. The common approaches used in identity theft and how they apply to e-commerce.

    - the coffee shop wifi hack
    - the local government census
    - social media techniques
    - the offer you can't refuse
    - the catchers supermarkets

    2. Firsthand research from the Jumio team and what they uncovered when they interviewed convicted ex-fraudsters, professional criminologists, law enforcement practitioners and fraud managers to uncover some of the exploits that fraudsters use.
  • Ponemon Institute: The Cost of Time To Identify & Contain Advanced Threats Recorded: May 21 2015 57 mins
    Dr. Larry Ponemon, Ponemon Institute + Arabella Hallawell, VP of Corporate Strategy, Arbor Networks
    The purpose of our study was to better understand the cyber-security challenges facing financial services enterprises as well as both conventional and Internet retail companies.


    Attend this webinar to learn:
    - The state of ATs and DDoS attacks in the two verticals
    - How companies deal with advanced threats and denial of service attacks
    -Industry differences: financial services vs. retail companies
  • Data Sovereignty and the Cloud Recorded: May 21 2015 48 mins
    Holger Mueller, VP & Principal Analyst, Constellation Research and Todd Partridge, Director of Product Marketing, Intralinks
    Cloud computing has broken down traditional geographic borders, and defining data ‘location’ has become more complex. Global enterprises embracing the cloud must deal with the compliance and risk challenges that arise when information is distributed across multiple physical, logical, and legal locations.

    Join our guest Holger Mueller, Vice President and Principal Analyst, Constellation Research, and Todd Partridge, Product Marketing Director, as they explore the challenges of information governance in the cloud:

    - The critical emerging topic of data sovereignty and jurisdiction
    - How governments are responding in different ways to the questions of data privacy and ownership
    - What organizations must do to address the varying requirements and regulatory environments
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Does PCI Compliance Help or Hurt Migration to the Cloud?
  • Live at: Sep 9 2010 4:00 pm
  • Presented by: Michael Dahn, PCI Compliance Analyst
  • From:
Your email has been sent.
or close
You must be logged in to email this