The Computing Technology Industry Association (CompTIA) recently commissioned a survey of IT organizations regarding the severity of security breaches within their IT environments. Given all the publicity surrounding compromised systems over the past year, the results are hardly surprising - the severity level is on the rise. Timothy Prickett Morgan of IT Jungle provides a good survey synopsis here (http://www.itjungle.com/tlb/tlb092507-story08.html).
Here's a stat that should grab your attention: across all companies, the average cost of dealing with a security breach was $369,388, and a number of large companies had breaches that cost more than $10 million each, thus skewing the average. That's a hefty price stemming from various kinds of malware and human mistakes.
Now that the Payment Card Industry Data Security Standard (PCI DSS) deadline has passed (see story here - http://www.scmagazineus.com/Visa-PCI-deadline-looms-for-tier-one-merchants/article/35880/) and a significant number of large companies still haven't completed PCI compliance work, you can expect a fair amount of finger pointing in the near future as organizations fail external audits.
LogLogic's Anton Chuvakin posed some great questions sure to fan the coming PCI DSS blame game flame ...
1) Who is ultimately responsible for data loss: merchants, banks, customers or ...?
2) Is Visa/MC PCI DSS too onerous, not enough or just "common sense" security?
No simple answers are expected, unfortunately. Penny (or perhaps $10 million in PCI fines?) for your thoughts?
Posted October 03, 2007 in Compliance