"PCI: Requirements to Action" Research Paper Helps Merchants Protect Against a Harrowing Holiday Shopping Season
New advisory supplement lists more than 30 immediate, high-impact steps for hardening information systems against security breaches.
Seattle, WA, November 18, 2009 --(PR.com)-- The Truth to Power (T2P) information governance research community has released a special advisory supplement to its critically acclaimed research publication, "PCI: Requirements to Action." The new supplement, entitled "10 Steps to Harden Commerce Systems Now," lists immediate, practical steps that can significantly reduce information security risks for merchants and financial institutions.
The original research paper "PCI: Requirements to Action" combines procedural analysis of compliance requirements with managerial advice for integrating PCI into a comprehensive risk management program. The paper includes:
-- More than 240 procedural action items, categorized by PCI DSS Section
-- Practical steps for avoiding common misconceptions and pitfalls of PCI compliance
-- Vendor-neutral guidance on leveraging PCI to improve the overall enterprise information security program
-- Key research references for information security modeling and execution
With the release of "10 High-Impact Steps to Harden Commerce Systems," T2P extends the original paper's research foundation to provide concrete, unbiased advice for merchants and financial institutions facing the year's most intensive business season.
The new supplement includes more than 30 specific checklist steps for:
-- Securing routers, firewalls, and wireless access points
-- Reducing the risk exposure of user accounts and network resources
-- Training seasonal sales-floor staff to enforce security procedures
-- Facilitating more efficient, effective incident responses
"Merchant companies' staff and systems are now under enormous pressure," says Cass Brewer, founder of Truth to Power. "Companies can't stop commerce to secure their systems; and yet, they must maintain system security and availability in order to enable commerce. '10 High-Impact Steps to Harden Commerce Systems' addresses this need with no-nonsense recommendations for high-impact, non-disruptive steps that can -- even under the gun -- significantly reduce merchant security risks."
"PCI: Requirements to Action - Practical Guidance for More Efficient, Effective Compliance" and the advisory supplement "10 High-Impact Steps to Harden Commerce Systems," are vendor-neutral publications written by T2P community members.
Both publications are available for free download at http://www.t2pa.com/pci-research.
--- Open Research and Information Governance Resources ---
"PCI: Requirements to Action" embodies Truth to Power's mission to build a common platform of practical knowledge, research, tools, and advice for information governance, risk management, and compliance.
By approaching practices such as compliance, data management, e-discovery, project management, and performance management in terms of process and information governance, T2P helps organizational leaders find the commonalities and optimization opportunities that span conventional business practices and operational roles. Other Truth to Power resources include:
--- Control and Risk Calculator: an interactive tool for assessing the effectiveness of internal controls and prioritizing IT investments.
--- IT Policy Templates Wiki: an open, collaborative repository of customizable policies for information security, data management, change management, and more.
--- T2P Rules & Standards Hub: a knowledgebase of more than 100 guidance documents information security, records management, IT auditing, IT investment management, and more
--- Filtered News Feeds: Daily categorized news updates, vetted and filtered for relevance and utility from hundreds of global news sources.
All T2P resources are free, many are collaborative, and each is vetted against hype and bias.
--- About the Truth to Power Information Governance Research Community ---
Founded on the principles of knowledge, utility, credibility, and community, Truth to Power, LLC provides critical information resources for humans and machines. T2P's guiding principles are: 1) To provide genuinely useful, unbiased business research and resources that help businesses reduce operational costs and uncover capital opportunities; 2) To reveal alignment between siloed business disciplines, organizations, frameworks, and practices; and 3) to enable and encourage community members to share practical experience and expertise towards a common good. Membership and resources are free. Be a part of Truth to Power at http://www.t2pa.com/.
###
The original research paper "PCI: Requirements to Action" combines procedural analysis of compliance requirements with managerial advice for integrating PCI into a comprehensive risk management program. The paper includes:
-- More than 240 procedural action items, categorized by PCI DSS Section
-- Practical steps for avoiding common misconceptions and pitfalls of PCI compliance
-- Vendor-neutral guidance on leveraging PCI to improve the overall enterprise information security program
-- Key research references for information security modeling and execution
With the release of "10 High-Impact Steps to Harden Commerce Systems," T2P extends the original paper's research foundation to provide concrete, unbiased advice for merchants and financial institutions facing the year's most intensive business season.
The new supplement includes more than 30 specific checklist steps for:
-- Securing routers, firewalls, and wireless access points
-- Reducing the risk exposure of user accounts and network resources
-- Training seasonal sales-floor staff to enforce security procedures
-- Facilitating more efficient, effective incident responses
"Merchant companies' staff and systems are now under enormous pressure," says Cass Brewer, founder of Truth to Power. "Companies can't stop commerce to secure their systems; and yet, they must maintain system security and availability in order to enable commerce. '10 High-Impact Steps to Harden Commerce Systems' addresses this need with no-nonsense recommendations for high-impact, non-disruptive steps that can -- even under the gun -- significantly reduce merchant security risks."
"PCI: Requirements to Action - Practical Guidance for More Efficient, Effective Compliance" and the advisory supplement "10 High-Impact Steps to Harden Commerce Systems," are vendor-neutral publications written by T2P community members.
Both publications are available for free download at http://www.t2pa.com/pci-research.
--- Open Research and Information Governance Resources ---
"PCI: Requirements to Action" embodies Truth to Power's mission to build a common platform of practical knowledge, research, tools, and advice for information governance, risk management, and compliance.
By approaching practices such as compliance, data management, e-discovery, project management, and performance management in terms of process and information governance, T2P helps organizational leaders find the commonalities and optimization opportunities that span conventional business practices and operational roles. Other Truth to Power resources include:
--- Control and Risk Calculator: an interactive tool for assessing the effectiveness of internal controls and prioritizing IT investments.
--- IT Policy Templates Wiki: an open, collaborative repository of customizable policies for information security, data management, change management, and more.
--- T2P Rules & Standards Hub: a knowledgebase of more than 100 guidance documents information security, records management, IT auditing, IT investment management, and more
--- Filtered News Feeds: Daily categorized news updates, vetted and filtered for relevance and utility from hundreds of global news sources.
All T2P resources are free, many are collaborative, and each is vetted against hype and bias.
--- About the Truth to Power Information Governance Research Community ---
Founded on the principles of knowledge, utility, credibility, and community, Truth to Power, LLC provides critical information resources for humans and machines. T2P's guiding principles are: 1) To provide genuinely useful, unbiased business research and resources that help businesses reduce operational costs and uncover capital opportunities; 2) To reveal alignment between siloed business disciplines, organizations, frameworks, and practices; and 3) to enable and encourage community members to share practical experience and expertise towards a common good. Membership and resources are free. Be a part of Truth to Power at http://www.t2pa.com/.
###
Contact
Truth to Power, LLC
Cass Brewer
1-(206)-407-3022
www.t2pa.com
Contact
Cass Brewer
1-(206)-407-3022
www.t2pa.com
Categories