Updating PCI Compliance to Thwart Breaches

James Bone | February 2, 2010

Breaches of consumers’ personal information are quickly becoming one of the biggest operational risks facing any business conducting electronic commerce. How big? The Federal Trade Commission estimates that breaches of “PCI” hit 9 million Americans and cost about $52 billion—annually.

With so many PCI security breaches making headlines, you can’t help but question how effective most PCI compliance programs actually are. The massive breaches at Heartland Payment Systems in 2009 and at TJX Cos. in 2006 are only two examples that underscore the need for even more stringent methods to safeguard confidential customer data. A recent Ponemon Institute survey of 43 businesses that had experienced a data breach found that 84 percent had multiple breaches; nearly all cases (88 percent) involved insider negligence.

Weaknesses like that, combined with the lack of any federally mandated privacy standard, have created a policy vacuum that...