IT security and compliance professionals (at retail and other organizations involved in payment card processing) face ongoing pressure not only to comply with the payment card industry (PCI) data security standards (DSS), but also to keep pace with rapidly shifting security threats. The risks associated with noncompliance and/or a security breach—including fines, litigation, and reputation damage—are too great to ignore.
This whitepaper defines potential compliance and security gaps and identifies what effect these gaps can have on your organization. It also explores how a positive security solution can close these gaps to ensure the security of servers and endpoints, as well as compliance with PCI DSS. The discussion covers five core compliance controls:
- Continuous audit and assessment of the PCI compliance validation process
- File integrity control/monitoring and correlated contextual logging
- Risk analysis and measurement of PCI compliance
- Configuration delta monitoring
- Policy and security awareness audit consolidation
The PCI Security Standards Council announced new guidance regarding application whitelisting and continual risk monitoring.