thePCI Portal

Category: TEA

A new kind of fine related to non-compliance – $100K+

Dwolla (the online payment system) claimed that it encrypted all sensitive personal information and that its security practices exceeded industry standards and achieved compliance with the Payment Card Industry Data Security Standard (PCI-DSS). Supposedly the (USA) Consumer Financial Protection Bureau thinks that Dwolla failed to employ reasonable and appropriate measures to protect consumer data from…

SSC announces an awareness program from a 3rd party?

A new online security awareness course named PCI Essentials has been announced by the Security Standards Council. Developed and sold by Security Innovations, the course is intended to improve security awareness. Currently priced at 69 (presumably American) dollars, it is said to include a 30% introductory discount. The discount disappears August 31, 2014, so the price is $USD 99. The new…

Awareness success story!

It’s not often you get to hear about how a successful awareness program thwarted an attack. Computerworld magazine recently published an article about some recent attacks that were alleged to be retaliatory for a writer’s negative presentation at the RSA conference. Computerworld’s parent company, IDG Enterprises, was supposedly worried about becoming retaliatory targets themselves for reporting…