102215 Infographic PCI DSS 3-1 Compliance · Are you Compliant? If your business accepts... then...
Are you Compliant?
If your business accepts...
• Credit Cards
• Mobile Payments
• Online Payments
then you NEED to be compliant!
Do you meet 3.1?
• Have you created a security policy that meets compliance?
• Do you scan for vulnerabilities?
• Do you conduct application layer penetration testing?
• Do you review all code changes before production?
• Have you implemented change control procedures?
• Do you identify, prioritize and address newly discovered and common security vulnerabilities?
• Have you incorporated information security in the SDLC?
• Do you maintain secure environments?
• Do you train developers to code more secure apps?
24% of organizations have experienced a data breach.
Of all the organizations breached in the last 10 years, NOT ONE had been found compliant at the time of breach!
The average cost of a data breach is $3.8M.
69% of consumers would be less likely to engage with a business that has been breached.
The average time a compliance-driven vulnerability stays open is 352 DAYS.
How do you become compliant?
• Maintain secure environments
• Incorporate information security in the development process
• Identify, prioritize and address newly discovered and common security vulnerabilities
• Implement change control procedures
• Review code before production
• Scan for vulnerabilities and conduct application layer penetration testing
• Create a compliant security policy
• Train developers to code more secure apps
Partner with WhiteHat Security for all your PCI DSS 3.1 and Application Security needs!
Sources
• WhiteHat Security, Top 10 PCI DSS 3.0 Changes That Will Affect Your Application Security Program: http://whitehatsec.folloze.com/public/item/68615?token=1ced6171d3
• WhiteHat Website Security Statistics Report 2014: https://www.whitehatsec.com/resource/stats.html
• Ponemon Institute 2014 Cost of Data Breach: http://www.ponemon.org/blog/ponemon-institute-releases-2014-cost-of-data-breach-global-analysis?s=cost+of+data+breach
• Verizon 2015 PCI Compliance Report: http://www.verizonenterprise.com/pcireport/2015/
For more information on PCI Compliance, please visit www.whitehatsec.com or email [email protected]