
Wednesday, September 16, 2009

Video: PCI Compliance Missteps

sponsored by McAfee, Inc.


Interpreting and applying technology and controls to the Payment Card Industry Data Security Standard (PCI DSS) can be confusing. Ed Moyle, Manager, CTG, outlines the common mistakes organizations make when trying to meet the requirements of a PCI DSS audit and how to avoid them. He also outlines the key areas companies need to focus on when dealing with an assessment, including:

  • Impact of scope

  • Authentication data, and requirements if you encrypt the PAN

  • Issues related to application lifecycle management

  • Areas where documentation is often insufficient

Speaker: Ed Moyle, Manager, CTG
Ed Moyle is currently a manager with CTG's Information Security Solutions practice, providing strategy, consulting, and solutions to clients worldwide. His previous positions include VP and ISO with Merrill Lynch Investment Managers, Department of Defense JCALS consultant with CSC, and lead developer and manager of Research and Development at ICT. He is also the founding partner of compliance and information security consultancy Security Curve.
