For Security & Risk Professionals

This is an excerpt

Executive Summary

Visa and MasterCard released the Payment Card Industry (PCI) Data Security Standard (DSS) two years ago to ensure consistent security standards for the protection of credit card data. Since then, American Express, Diners Club International, Discover Bank, and JCB International Credit Card have also endorsed the standard and are asking their customers to adopt it. The compliance levels remain low because the consequences for noncompliance weren't clear. Lately, however, the credit card companies have been threatening their clients with severe punitive consequences for noncompliance, including fines or loss of privileges to use their brands. As many companies scramble to get compliant after an initial period of inattentiveness, here are the top 10 things they need to know.

TABLE OF CONTENTS

• 1. Who in the organization should be responsible for PCI compliance?
• 2. Am I responsible for ensuring data protection for my business partners?
• 3. What are the significant changes in the new version (1.1) of the PCI standard?
• 4. What will be the impact of the new application security requirements?
• 5. What are some carrots and sticks to encourage compliance?
• 6. How much are companies spending to achieve PCI compliance?
• 7. What is the current compliance rate?
• 8. What are the most common compliance shortcomings?
• 9. What are the best practices for developing a compliance program?
• 10. How do I choose a vendor to help me with PCI?

This is an excerpt

Buy Risk-Free

Price: US $499

Our Service Guarantee: If you are not completely satisfied with this document, notify Forrester within 24 hours of purchase for a full refund.

Already a Forrester Client?
Log in to read this document.