Many organisations' governance, risk management and compliance (GRC) practices have not changed for years. The result is organisations are struggling to keep up with the complex regulatory environment and meet external stakeholders' expectations. Many organisations, no matter what sector they trade in are seeking to become more flexible and profitable while increasing internal controls and reducing risk. These objectives appear to be contradictory, but one way large organisations can unite them is by improving their approach to GRC.

Recorded: 2011    Listen Now

Annual costs of data management are soaring. So how can your business stay ahead of the curve to achieve and maintain compliance with the Payment Card Industry Data Security Standards (PCI DSS) and still deal with potentially millions of points of vulnerability?

Managing payment security is an ongoing challenge for organizations. To help businesses understand management trends and practices among peer groups, CyberSource and Trustwave, in partnership with the Merchant Risk Council (MRC), commissioned the Payment Security Practices and Trends Survey. The report summarizes the findings and provides insights and industry benchmarks, as well as industry trends.

On January 1, 2011 the Payment Card Industry (PCI) Data Security Standard (DSS) version 2.0 took effect. The new requirements represent a daunting task when it comes to improving an organization's existing security policies to include virtualized environments, policy governance, risk remediation, and 100% asset coverage.

One of the biggest sources of information risk companies face today is collaboration with externals. New tools have made document collaboration much easier and more accessible, but how does business take advantage of the benefits of online document collaboration tools, while avoiding the compromise of confidentiality of critical business information?

The Protegrity Data Security Platform design is based on a hub and spoke deployment architecture. The Enterprise Security Administrator (ESA) enables the authorized Security Officer to determine and set a unique enterprise wide Data Security Policy, and is the management tool (console) for the central control over policy, keys, and reporting.

Protegrity has invented a new tokenization technology that simplifies and dramatically lowers the cost of deploying this mode of data protection. Tokens are cost effective because they don't require security controls for protection – they're not sensitive data, they only represent that data. Yet tokens are transparent to most applications and business processes.