Retail sector slow in adopting new PCI standards
Posted on 31 October 2013.
Tripwire announced the results of research on risk-based security management in the retail industry, and the news isn't good: the majority of the retail sector is yet to implement to the new PCI standards.

The survey, conducted in April 2013 with the Ponemon Institute, evaluates the attitudes of 1,320 respondents from IT security, IT operations, IT risk management, business operations, compliance/internal audit and enterprise risk management. One hundred sixty-two retail sector respondents from the U.S. and U.K. participated in the retail portion of the survey.

The most recent version of the Payment Card Industry Data Security Standard (PCI DSS 3.0) will soon require businesses to implement and perform penetration testing. In addition, PCI DSS 3.0 will also clarify different methods of secure authentication and session management so businesses can better protect themselves against man-in-the-middle, man-in-the-browser and other similar cyber attack methods.

However, the study revealed that the retail industry hasnít yet implemented these new security requirements.

Key findings include:
  • Only 41 percent of the retail sector uses penetration testing to identify security risks.
  • Only 34 percent of the retail sector measures the reduction in access and authentication violations to assess risk management efforts.
  • Only 44 percent of the retail sector has fully or partially deployed file integrity monitoring.
  • 62 percent of IT professionals in the retail sector say that negative facts about security risks are filtered before being communicated with senior executives.
For more information about this survey, go here.





Spotlight

Infographic: 25 years of the firewall

Posted on 24 July 2014.  |  The firewall turned 25, and McAfee is celebrating with an infographic that creatively depicts its lifetime. If you take a moment to scan the infographic, youíll notice the firewall's introduction and evolution coincide with certain security events.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Jul 25th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //