PCI QSA Consultant & Global Security Expert Charles Denyer Reveals Top 10 Challenges and Recommendations for PCI DSS Compliance.
Atlanta, GA (PRWEB) July 21, 2014
Noted PCI QSA & leading cyber security expert Charles Denyer has spent considerable time in recent years assisting organizations with the Payment Card Industry Data Security Standards (PCI DSS) provisions. As a result of his extensive experience and hands-on consulting with organizations from coast to coast, he's witnessed first-hand the many technical and operational challenges and roadblocks faced by the daunting challenges of PCI compliance. Charles' top 10 list, a comprehensive three (3) part technical white paper series that provides invaluable insight into the challenges, lessons learned and recommendations for helping conquer PCI compliance once and for all.
PCI QSA Charles Denyer has worked with a wide variety of organizations requiring PCI compliance, ranging from small start-up service providers to nationally recognized companies. Along the way, he has found that almost every organization has unfortunately fell victim to the same challenges for PCI compliance. Be it provisioning system components or drafting policies and procedures, companies are failing to recognize the criticality and importance of many "hot button" technical and operational issues that present significant constraints to PCI compliance. As such, Charles' Top 10 list, a comprehensive three (3) part technical white paper series, consists of a discussion of the following PCI challenges:
1. Provisioning, hardening, securing and locking-down all in-scope "system components"
3. Two-factor authentication
4. Web application firewall (WAF)
5. Audit Trails and Logging
6. Log Server | Syslog
7. File Integrity Monitoring
8. Intrusion Detection System
9. Policies and Procedures
10. Operational Commitments from Internal Personnel
Read the entire three (3) part (Part I, Part II, and Part III) series to learn more about PCI QSA Charles Denyer's Top 10 Challenges and Recommendations for PCI Compliance
About Charles Denyer
Charles Denyer is a member of NDB, a nationally recognized firm specializing in Regulation AB, Service Organization Control (SOC) reporting (SSAE 16, AT 101, Trust Services Principles | TSP), ISAE 3402, FISMA, FIPS, FERC, NERC, U.S. National Security Critical Infrastructure Protection (CIP), CMSR | SSP, GLBA, FFIEC, NIST SP 800, DFARS 252.204-7012, HIPAA, ISO 27000 series, and PCI DSS compliance, along with many other regulatory compliance initiatives. He is also actively involved in numerous professional associations and organizations for a wide range of industries and business sectors, such as the American Nuclear Society (ANS), ISACA, and the Cloud Security Alliance (CSA), just to name a few.
Recipient of numerous accounting and technology certifications along with a Masters in Information and Telecommunication Systems from the Johns Hopkins University and a Masters in Nuclear Engineering from the University of Tennessee at Knoxville. Expertise includes information security, cyber security, national security and homeland defense, and conducts independent research projects on specific subject matter for various entities.
Contact: cdenyer(at)ndbcpa(dot)com or at 800-277-5415-ext.705.Mr. Denyer holds numerous accounting and technology certifications along with a Masters in Information and Telecommunication Systems from the Johns Hopkins University and a Masters in Nuclear Engineering.