This is according to general manager of the PCI Security Standards Council
(PCI SSC) Bob Russo, who told Bankinfosecurity.com that this is vital to
spotting any weak links in the card data protection chain, which could
undermine an entire system.
Performing annual risk assessments is one of the 12 central requirements
firms must go through to be certified PCI compliant, but it may be the case
that some companies do not devote adequate time and resources to this and
assume their systems will still be secure.
Mr Russo explained: "The standard requires an annual risk assessment, because
the DSS (data security standard) validation is only a snapshot of your
compliance at a particular point in time." Therefore, it is possible that
changes that have been made to a system since the previous evaluation could
have undermined security protections or opened up new vulnerabilit...

With online retailers around the UK readying their systems for the annual
Christmas hike in sales, anything websites can do to create a competitive
advantage to differentiate them from their rivals will undoubtedly be
essential.
But while many firms may consider ramping up their marketing with special
offers and promotions, one area that could prove especially fruitful may be
embracing mobile commerce. This is no longer a niche technology, but one that
should be a serious part of a firm's ecommerce strategy.
Ensuring that ecommerce hosting solutions include provisions for users ...

While bank loans, property leasing and constant monitoring meant that it took
an incredible amount of effort to set up a business 15 years ago, the
internet has provided entrepreneurial opportunities that nearly everyone can
take advantage of. Provided they know the basics, of course.
So, where should businesses begin when creating an e-commerce site?
Hosting
All websites need to 'exist' somewhere and this is where web hosting comes
in. Typically offered by third party companies, web hosting involves the
placing of a company website on an outsourced server. With many companies
of...

It was observed that many retailers track the activities of customers on their
online platforms and can collect a wide variety of data, ranging from past
purchasing habits and the type of items viewed to which web browser
individuals are using. The OFT is set to examine how organizations use this
vast amount of information and whether some people will see different prices
as a result.
Chief executive of the body Clive Maxwell said that innovation online plays a
key role in driving economic growth and the new investigation is part of the
OFT's commitment to ensuring that consumers can...

Companies that are undergoing PCI compliance checks will have to ensure they
educate all staff working with sensitive materials so that data is kept
secure, it has been stated.
Research director at Gartner Australia Rob McMillan explained in an interview
with Computer World that one of the biggest security threats of next year is
likely to come from deceptive tactics that convince people to hand over
information such as access credentials.
He stated that this social engineering is becoming increasingly popular among
cybercriminals looking to take advantage of non-IT personnel who...