Panel Discussion: Navigating PCI Security Mountains in the Cloud

Presented by

Brandon Dunlap, Bob Russo (PCI SSC), Jason Yaeger (Online Tech), Randal Asay (Catbird)

About this talk

Organizations outsourcing card data to the cloud face significant security risks. Storing, processing and transmitting cardholder data in the cloud brings the cloud environment into scope for the PCI Data Security Standard (PCI DSS). And as soon as an organization adds other players to the offsite card-management mix, ensuring compliance with the PCI DSS becomes increasingly challenging. In this new environment cloud users and cloud service providers need to clearly understand what their roles and responsibilities are when it comes to protecting this data. Organizations need to know where their data is at all times yet they have limited or no control over cardholder data storage. These are all things that you have to take into consideration when you're thinking about outsourcing to a cloud provider. In this webcast our panel will address ways to navigate the main PCI security challenges in the cloud, and attendees will gain insights on: - Emerging PCI security risks in the cloud - Processes for assessing risk when card data could potentially be stored in multiple locations - Recommendations for achieving PCI compliance across virtual environments - How to use a data-centric approach to maintain PCI scope management

Related topics:

More from this channel

Upcoming talks (5)
On-demand talks (131)
Subscribers (41524)
The IT GRC Forum produces online events and provides professional networking facilities and market intelligence to Governance, Risk Management and Compliance professionals.