Credit Card Council Releases Cyber Risk Mitigation Guidance
By: Judy Greenwald (Business Insurance) August 2014
The payment card industry’s regulatory organization has issued guidance to help merchants and others reduce credit card security risks.
Businesses are rapidly adopting a third-party operations model that can put payment data at risk, the Wakefield, Massachusetts-based PCI Security Standards Council L.L.C. said Thursday in a statement.
It said the guidance will help organizations and their business partners reduce this risk by better understanding their respective roles in securing card data.
It said the guidance developed by a PCI special interest group of 160 organizations including merchants, banks and third-party service providers provides recommendations for meeting the PCI data security standard requirement to ensure payment data and systems entrusted to third parties are maintained in a “secure and compliant manner.”
Most retailers are complying with this standard, says an expert.
PCI said the guidance includes recommendations on how to:
• Conduct due diligence and risk assessment when engaging third-party service providers to help organizations understand the services provided and how the PCI data security standard requirements will be met by those services.
• Implement a consistent process for engaging third parties that includes setting expectations, establishing a communications plan, and mapping third-party services and responsibilities to applicable PCI data security standard requirements.
• Develop appropriate agreements, policies and procedures with third-party service providers that includes considerations for the most common issues that arise in this type of relationship.
• Implement an ongoing process for maintaining and managing third-party relationships throughout the lifetime of the engagement, including the development of a robust monitoring program.
Categories
- Benefits Resources
- Bonding
- BOP
- Business Insurance
- Commercial Auto
- Commercial Property
- Company News
- Construction
- Crime Insurance
- Cyber Insurance
- Directors & Officers
- Employee Benefits
- Employment Practice Liability Insurance
- Entertainment
- General Liability
- Health Insurance
- Healthcare
- Healthcare Reform
- Homeowners Insurance
- Hospitality
- Manufacturing
- Medical Malpractice
- Mining & Energy
- Nightclubs
- Personal Auto
- Personal Insurance
- Professional
- Restaurants
- Retail & Wholesale
- Risk Management Resources
- Safety Topics
- SBA Bonds
- Security
- Seminars
- Technology
- Tourism
- Transportation
- Uncategorized
- Workers Compensation
Archives
- May 2021
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- November 2018
- September 2018
- August 2018
- May 2018
- April 2018
- March 2018
- February 2018
- January 2018
- December 2017
- November 2017
- October 2017
- September 2017
- August 2017
- July 2017
- June 2017
- May 2017
- April 2017
- March 2017
- February 2017
- January 2017
- October 2016
- September 2016
- August 2016
- July 2016
- June 2016
- May 2016
- April 2016
- March 2016
- February 2016
- January 2016
- December 2015
- November 2015
- October 2015
- September 2015
- August 2015
- July 2015
- June 2015
- May 2015
- April 2015
- March 2015
- February 2015
- January 2015
- December 2014
- November 2014
- October 2014
- September 2014
- August 2014
- July 2014
- June 2014
- May 2014
- April 2014
- March 2014
- February 2014
- January 2014
- December 2013
- November 2013
- October 2013
- September 2013
- August 2013
- July 2013
- June 2013
- February 2013
- November 2011
- October 2011
- September 2011
- July 2011
- June 2011
- March 2011
- November 2010
- October 2010
- September 2010
- April 2010
- February 2010
- November 2009
- October 2009
- November 2008
- August 2008