Blog dedicado al estudio de la Seguridad de la Información - Privacidad - Seguridad Informatica - Auditoria informática.
(Recopilación de principales noticias, eventos, politicas de seguridad, guías de buenas practicas, normas, estándares, herramientas, otros)
jueves, 21 de octubre de 2010
2010 PCI Compliance Report - Just Released (Verizon)
VERIZON 2010 PAYMENT CARD INDUSTRY COMPLIANCE REPORT A study conducted by the Verizon PCI and RISK Intelligence teams
This report analyzes findings from actual Payment Card Industry Data Security Standard (PCI DSS) assessments conducted by Verizon’s team of Qualified Security Assessors (QSAs). The report examines the progress of organizations toward the goal of compliance and includes topics such as how and why some seem to struggle more than others. Also presented are statistics around which PCI DSS requirements and sub-requirements are most and least often in place (or compensated for) during the assessment process. Finally, the report overlays PCI assessment data with findings from Verizon’s Investigative Response services to provide a unique risk-centric slant on the compliance process.