Credit cards risked by standards failure

Credit cards risked by standards failure

Summary: If you're giving someone your credit card details, you'd like to think they were being handled securely. But a recent report from Verizon Business has revealed that a mere 22 per cent of organisations surveyed were fully compliant with the relevant security standard, the PCI DSS.

SHARE:
TOPICS: NBN, Broadband, Security
6

If you're giving someone your credit card details, you'd like to think they were being handled securely. But a recent report from Verizon Business has revealed that a mere 22 per cent of organisations surveyed were fully compliant with the relevant security standard, the PCI DSS.

On Patch Monday this week, Stilgherrian discusses the Verizon Payment Card Industry Compliance Report (PDF) with Mark Goudie, who heads Verizon Business' forensics practice in Melbourne. He explains that companies that were failing compliance were also failing in ways that directly affected their ability to keep cardholder data secure. As with so many security-related matters, it was more a matter of human systems than technology.

We also discuss the latest on the National Broadband Network (NBN) with journalist and telco analyst Richard Chirgwin. The Tasmanian Government has decided to make an NBN fibre connection opt-out rather than opt-in. Opposition Communications Spokesperson Malcolm Turnbull claims this reveals the flaws in the NBN Co business model, and that householders will be forced to use the NBN. Is he right?

Patch Monday also has Stilgherrian's random look at the week's IT news.

To leave an audio comment for Patch Monday, Skype to stilgherrian, or phone Sydney 02 8011 3733.

Running time: 24 minutes, 54 seconds

Topics: NBN, Broadband, Security

About

Stilgherrian is a freelance journalist, commentator and podcaster interested in big-picture internet issues, especially security, cybercrime and hoovering up bulldust.

He studied computing science and linguistics before a wide-ranging media career and a stint at running an IT business. He can write iptables firewall rules, set a rabbit trap, clear a jam in an IBM model 026 card punch and mix a mean whiskey sour.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

6 comments
Log in or register to join the discussion
  • This is damning, and when you consider the proven technologies available, particularly the likes of Centrify, then there really is something quite amiss with our strategies around data protection.
    refardtmark@...
  • Yes, Centrify, Quest and Likewise all offer products around PCI compliance for UNIX/Linux. Their products are almost identical in all respects.
    thursbysoftware
  • Except one is the undoubted leader :) another kiwiguy!! :)
    refardtmark@...
  • Now a day's there are many technologies available so I think we should aware of these but not necessarily we know all of them.
    creditcardsau
  • The technology in any field is very active and on advanced stage and going on. In market the technologies available are very good and bad as well. so, advantages and disadvantages are two sides of technology and we have to accept it.
    More information is available @ http://www.creditcardsaustralia.com.au/
    creditcardsau
  • Yes nice content I have read after long time, really very good post for updating the knowledge regarding the topic.The site I would like to recommend for user for such topic , http://www.bvf.com.au/

    Thanks for sharing the post. good luck
    bvfau