PCI Security Standards Council announces new board of advisors
Posted by brianfpennington in PCI DSS Compliance on 16/05/2013
The PCI Security Standards Council (PCI SSC), announced election results for the 2013-2015 PCI SSC Board of Advisors. The Board will represent the PCI community by providing counsel to SSC leadership. The Council’s more than 690 Participating Organizations selected individuals from the following organizations to represent their industry’s unique perspectives in the development of PCI Standards […]
RSA’s April Online Fraud Report 2013, with a focus on the changes in Phishing tactics
Posted by brianfpennington in brian pennington on 13/05/2013
Phishing still stands as the top online threat impacting both consumers and the businesses that serve them online. In 2012, there was an average of over 37,000 phishing attacks each month identified by RSA. The impact of phishing on the global economy has been quite significant: RSA estimates that worldwide losses from phishing attacks cost […]
PCI Security Standards Council publishes card production security requirements
Posted by brianfpennington in PCI DSS Compliance on 09/05/2013
The PCI Security Standards Council (PCI SSC), has announced the publication of a standard for secure payment card production. The standard consists of two sets of requirements: PCI Card Production Physical Security Requirements PCI Card Production Logical Security Requirements Together, these documents provide card vendors with a comprehensive source of information describing the security requirements […]
RSA’s March Online Fraud Report 2013, with a focus on Email and Identity takeover
Posted by brianfpennington in brian pennington on 26/03/2013
RSA’s March 2013 Online Fraud Report delivers the results from RSA’s fraud monitoring centre, a summary of the report is below. Phishing attacks are notorious for their potential harm to online banking and credit card users who may fall prey to phishers looking to steal information from them. Compromised credentials are then typically sold in […]
Sometimes it is a good idea to have in-house skills
Posted by brianfpennington in PCI DSS Compliance on 20/03/2013
After many discussions with people responsible for achieving and maintaining PCI DSS compliance within their organisation and hearing about their problems and pains, I often think about the skills they need and where they can get them. They could recruit, outsource or train with training being the most cost effective. I noticed on the PCI […]
Merchant sues VISA. Biting the hand that feeds you?
Posted by brianfpennington in PCI DSS Compliance on 18/03/2013
I know that if there were no merchants there would be no credit card companies and I know that the “alternative” payments market is growing, such as PayPal and V.me, but at this time it is fair to say that consumers still favour credit cards when it comes to online payments. This is why when I […]
Receptionist prosecuted for breaching the Data Protection Act
Posted by brianfpennington in brian pennington on 12/03/2013
Another nosy parker faces the results of their snooping after she decided to spy on her ex-husband’s new wife. The GP receptionist at a Southampton surgery was prosecuted by the UK’s Information Commissioner’s Office (ICO) for unlawfully obtaining sensitive medical records. The ICO reported on the 12th March 2013 that Marcia Phillips was prosecuted under section […]