the-infoshop.com - The vertical markets research portal

Market Research Report

Understanding How PCI-Compliant Companies Can Be Breached: Security in a Post-Heartland World

Published by: Javelin Strategy & Research
Published: 2009/06
Content info: 49 pages; 25 charts/graphs
Product code: JAV92492
Price: US $995, PDF by E-mail (Single User License)

Table of Contents

  • Overview
  • Primary Questions
  • Key Findings
  • Methodology
  • Is PCI Effective?
    • PCI and Data Breaches
    • History
  • Myth: PCI-Compliant Companies Cannot Be Breached
    • Compliance Does Not Equal Security
    • Has a PCI-Compliant Company Ever Been Breached?
    • How do PCI Compliant Companies Become Non-Compliant?
  • New QSA Review Process
  • Prioritized Compliance: Mitigating Risk Faster
  • What Regulations Are Most Often Found to be Out-of-Compliance at Breached PCI-Certified Firms?
    • Requirement 10 in Detail: Logging
    • Requirement 6 in Detail: Web Applications
    • Requirement 3 in Detail: To Store or Not to Store PAN Data
  • When PAN Data Must Be Stored
    • Hashing
    • Emerging Technology
    • Tokenization
    • End to End (E2E) Encryption: Evolving Beyond Point to Point (P2P)
    • Chip and PIN
  • PCI Compliance in a Post-Heartland World
  • Glossary
  • Appendix A: PCI DSS
  • Appendix B: PCI SSC's Risk-based Milestones
  • Appendix C: Merchant, Processor and Services Levels Defined
  • Appendix D: Certified QSA, PA-QSA, ASV
  • Appendix E: Assessments
  • Appendix F: Fraud Victims React by Avoiding Merchants
  • Related Research
  • Companies Mentioned

Table of Figures:

  • Figure 1: Top Ten Largest Publicly Reported Security Breaches
  • Figure 2: PCI Compliance by Merchant Level July 2007 to March 2009
  • Figure 3: Six Milestones Defined
  • Figure 4: Individual Card Requirements
  • Figure 5: The Most Common Requirements Not Met by Previously PCI-Certified Firms
  • Figure 6: Detail of PCI DSS Requirement 10
  • Figure 7: Detail of PCI DSS Requirement 6.5
  • Figure 8: Detail of PCI DSS Requirement 3.4
  • Figure 9: Examples of Alternatives to Obscuring PAN Data for Storage
  • Figure 10: Tokenization
  • Figure 11: Point-To-Point Encryption
  • Figure 12: End-To-End Encryption
  • Figure 13: PCI DSS “Digital Dozen”
  • Figure 14: Milestone One Mapping
  • Figure 15: Milestone Two Mapping
  • Figure 16: Milestone Three Mapping
  • Figure 17: Milestone Four Mapping
  • Figure 18: Milestone Five Mapping
  • Figure 19: Milestone Six Mapping
  • Figure 20: Merchant Levels Defined by Card Brand
  • Figure 21: Processor or Service Provider Definitions and Requirements
  • Figure 22: Merchant Level Certification Requirements by Card Company
  • Figure 23: How to Find Certified QSAs, PA-QSAs, ASVs
  • Figure 24: Self-Assessment Forms for Levels 2-4
  • Figure 25: Victims' Responses to Identity Fraud
© 2009, the-infoshop.com by Global Information, Inc. All rights reserved.