85% of PCI DSS Compliance is Policies and Procedures.
By Tara Hutton
May 30, 2008
Amex data security expert to hold London seminar to answer specific PCI questions.
PCI DSS has become one of the most commonly used acronyms across the UK today. While it can be said that organisations have moved on from the initial fact-finding and planning that characterised PCI projects in 2007 and have begun implementation, many have dealt only with the easier tasks associated with infrastructure control.
A much more difficult issue is getting the company at large to buy into the culture of security that is required to obtain compliance. Indeed, ensuring ongoing vigilance and retaining the security posture necessary to retain certification is the real problem.
As the PCI projects have unfolded, organisations are challenging the directive with some real-life issues, asking questions like: ‘We are the service provider and store data on behalf of the client. However, the client is the merchant as they take the money. Do we need two separate accreditations? Whose legal responsibility is it if the Visa client's data is compromised?’
Recent research carried out by security software vendor Baronscourt has highlighted the areas of the PCI directive that are proving difficult, namely Multi Channel Regulation, Multi Region Compliance and Managing Third Parties. Questions around these areas can be complex to understand, and implementing them in fast-moving retail environments can be a nightmare.
American Express Data Security Expert, Branko Lolich, is teaming up with Baronscourt and Security Risk Management Ltd to address many of these issues first hand. In a one-hour seminar, attendees will have an opportunity to pose their real-life PCI implementation challenges to subject matter specialists. The aim is to get communication on the issues flowing between attendees and the panel, and to provide meaningful information to the Compliance audience who are charged with PCI implementation.
In the lunchtime seminar in Central London on 11th June, Branko, along with Paul Brennecker, formerly of Barclaycard, will answer delegates' PCI-related questions. The seminar will begin at 12.30 with lunch, before panelists open the floor to questions. Places for the event have been limited to ensure full interaction with the panel. If you would like to register for the event or request further information, please call Tara Hutton on 0207 917 9527 or email thutton@eu-baronscourt.com
Date: Wednesday 11th June 2008
Time: 12.30 – 14.00. Lunch will be served from 12.30 – 12.50.
Venue: 1 Queen Anne’s Gate, London SW1H 9BT