Using PCI As A Foundation For Security And Risk Management
January 11, 2010
Why Read This Report
PCI is controversial. As with any business requirement, it has its good parts and bad parts. Too many companies spin their wheels and complain about what they perceive as the negative or unjust parts of PCI. This does not help these companies become compliant or derive value from their compliance efforts. But bottom line, PCI is here to stay. It's time to move beyond complaining and embrace PCI to extract value. To get started, you must first acknowledge that the set of PCI requirements is really just good, basic security. In fact, PCI incentivizes security. It forces executives to take security seriously and unlocks security budgets. But to really maximize value, security and risk management executives must move beyond the five stages of PCI grief and: 1) shift their mindset to one of proactively embracing PCI; 2) implement PCI as a best practice underlying security framework; and 3) map PCI to other security standards like ISO. We refer to this as "PCI Unleashed."
Already a Client?
Log in to read this document.
Become a Forrester Client
Customers are the new market-makers, reshaping industries and changing how businesses compete and win. Success depends on how well and how fast you respond. Forrester Research gives you insights and frameworks aligned to your role to shorten the time between a great idea and a great outcome, helping your teams win in the age of the customer. Contact us to learn more.
This report is available for individual purchase ($499 USD).Purchase
Tools And Templates
Best Practice Assessments
- PCI Makes An Actionable Security Framework
- Drill Down Into The Framework To Understand The PCI Subrequirements
- The PCI Unleashed Framework Maps To The ISO Standard
- The PCI Unleashed Framework Can Be Used For Other Compliance Initiatives
Table of Contents
- PCI Is A Disruptive Force In Information Security
- PCI Is Poorly Understood In The Enterprise
- The PCI Troika: Compliance, Validation, And Security
- Making Peace With PCI: Shift Your Mindset From Grief To Acceptance
- Embrace PCI In Order To Unleash It
- Introducing The PCI Unleashed Framework
- PCI Drives Maturity And Reduces Risk
- Related Research Documents
Managing The Security And Risk Challenges Of Personal Devices In The Workplace
April 13, 2011 | Chenxi Wang
Simplify Cybersecurity With PCI
October 11, 2012 | Heidi Shey
Vendor Landscape: Web Application Firewalls
January 20, 2017 | Amy DeMartine