Whether you swipe it, chip it, tap it, or phone it in, if you are involved in capturing payments from a credit card, you are most likely required to comply with Payment Card Industry Data Security Standard (PCI-DSS) requirements. PCI-DSS compliance is ultimately about securing card-based payment information to protect the sanctity of each transaction.
PCI-DSS is in a transitional phase in which version 3.1 is the accepted standard, with all participants moving to the 3.2 standards by January 2018. Although 3.2 is only a minor number change, there are numerous differences between the new version of PCI-DSS and the old one:
From LogRhythm’s perspective, the change from the old standard to 3.2 required creating a new compliance automation module to avoid confusion with the new control mappings. LogRhythm’s recently released PCI-DSS Compliance Automation Module is one of our largest compliance modules ever. It contains:
In addition, as we built the PCI-DSS 3.2 Compliance Automation Module, we added new rules, improved existing rule performance, and generally increased the coverage and capability of LogRhythm to support your PCI-DSS compliance initiative.
If you are new to using LogRhythm as part of your PCI-DSS compliance initiative, start with the user guide located on the Community. The guide provides you with the complete details about the compliance controls that the LogRhythm platform can fully or partially support. You may also consider leveraging our Compliance Co-Pilot service. Our professional services team will help you understand the LogRhythm capabilities and how they should be deployed and configured.
If you are already using the LogRhythm PCI-DSS Compliance Automation Module, you should consider upgrading now. Remember, PCI-DSS 3.2 is a separate module. The upgrade is not a straight one-for-one replacement. In fact, you can run both modules in parallel during the transition process.
Upgrading to the PCI-DSS 3.2 Compliance Automation Module will involve the following:
PCI-DSS compliance is serious business. Every month we hear about major loss of credit card information. Even the best PCI-DSS compliance cannot prevent all breaches. However, having even the basic defense posture required to support PCI-DSS can help your company stay out of the headlines and avoid significant fines (up to $500,000 per offense, plus $50–$90 per lost card!), loss of revenue (up to being banned from taking credit card payments!), and loss of consumer confidence and reputation.