Smart companies will use the latest PCI upgrade as the motivation for putting their entire security and privacy compliance programs in order, building in security assessment from the ground up. Complying once and then forgetting about it until the next audit is bad practice. To successfully drive more business through the online channel, organizations cannot ignore Web privacy and application security. Only through a combination of dedication, education, business process improvement and risk management technology will firms be able to properly protect and control the online channel.
Meeting the PCI requirements for Web application security by employing code review and a Web application firewall is a great starting point, but to fully protect consumer data and implement a comprehensive online risk management strategy, organizations must also enforce policies that include ongoing compliance monitoring procedures.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.