With the PCI Security Standards Council’s release of the PCI Data Security Standard (PCI DSS) Virtualization Guidelines, Cyber-Ark(R) Software, a leading global information security provider for protecting and managing privileged accounts and sessions, critical applications and sensitive information, offers retail and e-commerce organizations guidance on necessary requirements to achieve PCI Version 2.0 compliance, including within…
The 2009 3rd annual Cyber-Ark “Trust, Security & Passwords” survey of
more than 400 IT professionals has found 35% of IT workers now access
corporate information without authorization, a 2% increase over the year
ago period. Concerning mostly enterprise class companies in the US and
UK, additional findings show 74% could circumvent security controls
currently in place; 20% of companies have experienced insider IT
security fraud, of which 36% suspect their competitors to have gained;
71% of respondents oversee privileged accounts which are partially
monitored; 35% of IT administrators admitted using administration rights
to access confidential information such as HR records, customer
databases, M&A plans, layoff lists and marketing information. With the
depletion of the economy, Cyber-Ark also saw an increased interest in
appropriate information between 2008 and 2009, such as M&A Plans with 7%
and 47%, respectively; R&D Plans with 13% and 46%, respectively; CEO
Passwords with 11% and 46%, respectively; Financial Reports with 11% and
46%, respectively; Privileged Password List with 31% and 42%,
respectively; and Customer Database with 35% and 47%, respectively. The
full report can be seen at;
http://www.cyber-ark.com/pdf/Cyber-Ark_Spring_2009_Snooping_Survey.pdf .
ConfigureSoft, Cyber-Ark, Modulo Security, Proginet, Protegrity USA, Reflex Security, SafeNet and Verisign data security companies have created The Payment Card Industry Security Vendor Alliance – (PCI SVA). The PCI SVA will assist members of the payment card industry and the PCI Security Standards Council in educating the business community on the requirements and business value of the Payment Card Industry (PCI) Data Security Standard, a global benchmark intended to improve security throughout the entire payment card transaction process. PCI SVA plans to create a series of case studies, seminars, return-on-investment analyses, and white papers to show how organizations may achieve compliance with the PCI DSS requirements efficiently and on-budget.