Current Issue

Credit card council releases cyber risk mitigation guidance

Comments Email

By Judy Greenwald, Crain News Service

WAKEFIELD, Mass. (Aug. 12, 2014) — The payment card industry’s regulatory organization has issued guidance to help merchants and others reduce credit card security risks.

Businesses are rapidly adopting a third-party operations model that can put payment data at risk, the Wakefield -based PCI Security Standards Council L.L.C. said Aug. 7 in a statement.

It said the guidance will help organizations and their business partners reduce this risk by better understanding their respective roles in securing card data.

It said the guidance developed by a PCI special interest group of 160 organizations including merchants, banks and third-party service providers provides recommendations for meeting the PCI data security standard requirement to ensure payment data and systems entrusted to third parties are maintained in a “secure and compliant manner.”

Most retailers are complying with this standard, says an expert.

PCI said the guidance includes recommendations on how to:

• Conduct due diligence and risk assessment when engaging third-party service providers to help organizations understand the services provided and how the PCI data security standard requirements will be met by those services.

• Implement a consistent process for engaging third parties that includes setting expectations, establishing a communications plan, and mapping third-party services and responsibilities to applicable PCI data security standard requirements.

• Develop appropriate agreements, policies and procedures with third-party service providers that includes considerations for the most common issues that arise in this type of relationship.

• Implement an ongoing process for maintaining and managing third-party relationships throughout the lifetime of the engagement, including the development of a robust monitoring program.

To view the “Third-Party Security Assurance Information Supplement,” click here.

This report appeared on the website of Crain’s Business Insurance magazine, a Chicago-based sister publication of Tire Business.

More Polls>

TB Reader Poll

Previous | Published August 31, 2015

With the subject of Chinese-sourced tire garnering so much attention, do consumers really care about where their tires come from? How many of your customers ask about the origin of tires they’re buying?

None
18%
(34 votes)
10%
26%
(49 votes)
11 to 20%
13%
(25 votes)
21 to 35%
14%
(27 votes)
36 to 60%
21%
(39 votes)
All of them
8%
(16 votes)
Total votes: 190