PCI Security: Q&A with Anton Chuvakin, PCI Compliance Expert
Beyond that, there are multiple other high risk areas. Wireless is still one of the weak points, despite TJX and other breaches. Poor network segmentation where cardholder data resides on the same network as other non critical, often compromised, systems is another. Finally, insecure web applications are also one of the top vectors for card data theft.
VPN Haus: What needs to change for the industry to adopt a "security and risk" mindset versus a "compliance and audit" approach?
Next week VPN Haus continues this conversation with Chuvakin, tackling the mysteries of compliance and the prevalent “it won’t happen to my company” attitude.
Anton Chuvakin is a principal at Security Warrior Consulting, specializing in PCI DSS, SIEM and log management services for security vendors and enterprises. He also runs the Security Warrior blog and is based in San Francisco.
[tweetmeme source=”vpnhaus” only_single=false]