Home page logo
/

isn logo Information Security News mailing list archives

After Target, Neiman Marcus breaches, does PCI compliance mean anything?
From: InfoSec News <alerts () infosecnews org>
Date: Tue, 28 Jan 2014 06:24:47 +0000 (UTC)

http://www.computerworld.com/s/article/9245709/_After_Target_Neiman_Marcus_breaches_does_PCI_compliance_mean_anything_

By Jaikumar Vijayan
Computerworld
January 24, 2014

The recent data breaches at Target and Neiman Marcus have once again shown that compliance with the Payment Card Industry Data Security Standard (PCI DSS) is no guarantee against an intrusion.

What's unclear is whether the problem lies in the standard itself, or the manner in which it is implemented and assessed.

Neiman Marcus on Thursday became the latest company to suggest that PCI compliance had brought it little security against a major intrusion.

In a letter to U.S. Sen. Richard Blumenthal (D-Conn.) explaining the recent breach that exposed 1.1 million payment cards, Neiman Marcus CIO Michael Kingston claimed the intrusion happened even though the company had security measures that exceeded PCI standards.

[...]



--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/


  By Date           By Thread  

Current thread:
  • After Target, Neiman Marcus breaches, does PCI compliance mean anything? InfoSec News (Jan 28)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault