Proactive / Continuous Compliance Approach to PCI DSS by Dr. Anton Chuvakin
 

by Dr. Anton Chuvakin, SecurityWarrior, LLC

Current compliance methods are reactive and do little to improve security. In place of annual audits and document-heavy processes, a new Proactive/Continuous Compliance model makes compliance an element of normal information security operations. Compliance is managed day to day and minute to minute, providing clear visibility of compliance posture at any given time. Efficiency is increased, costs are reduced and the annual audit becomes a simple formality. In this presentation we'll cover the requirements, capabilities and benefits of this new compliance model.

  • “Clarified that identification of all locations of cardholder data should include instructions for configuring the underlying software to prevent inadvertent capture or retention of cardholder data” “Updated requirement to ensure that identified vulnerabilities are ranked according to risk.”
  • See "How to STAY PCI DSS compliant": http://chuvakin.blogspot.com/2009/01/how-to-stay-compliant-or-ongoing-tasks.html
  • PCI assessment case study from Branden Williams (my co-author for “PCI Compliance”, http://www.pcicompliancebook.info)
  • Auditor-proof security SUCKS!
  • Not getting daily compliance/security; Process of compliance; Operationalize – internalize; Compliance is seen as forced, not needed

Presentation Transcript