In my last article I spoke at some length about not just why a Security Policy is important, what its content should be, but also how it should be written. There is no default setting for Security Policy. Remember, what works for one organisation probably won’t work for another.
Author: Jim
Better Security Policy Leads To Greater Compliance
Using Sampling To Ensure Effective Audit, Certification and Accreditation.
Highlights from the Verizon 2014 PCI Compliance Report
Verizon has published its 2014 PCI Compliance Report, which can be downloaded from here. Like their Data Breach Investigation Report (DBIR) it is an excellent piece of research and provides insight into the challenges associated with complying with the Payment Card Industry’s Data Security Standard (PCI DSS) v2.0.