Can PCI Compliance be Harmful to Your Security Initiative?

Presented by

Ken Swain – Engagement Manager and Senior Security Engineer, HP

About this talk

Can PCI Compliance be Harmful to Your Security Initiative? Understand and Navigate Compliance in the Real World: PCI Compliance is necessary, but can it be harmful to your security? Does the prescriptive nature of the PCI regulations make enterprises spend money on controls that might be handled in a different way? Could this also cost the enterprise capital and operational dollars that might be spent elsewhere? PCI Council General Manager Bob Russo has defined PCI Compliance as a structured "blend...[of] specificity and high-level concepts" that allows "stakeholders the opportunity and flexibility to work with Qualified Security Assessors (QSAs) to determine appropriate security controls within their environment that meet the intent of the PCI standards." The question is: how do you define and create the right structured blend for your organization? This webinar will help you understand the difference between meeting a regulation and executing on a well-defined and successful Software Security Assurance program. Attendees will gain an understanding of common pitfalls in navigating the compliance-focused enterprise and walk away with directives on how to create a secure environment while maintaining compliance.

About this channel

Information Security
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.