PCI Abu Dhabi
November 25, 2011
Foregenix was a strategic sponsor at the recent PCI Abu Dhabi event held on 23rd November 2011. The event was very well attended by senior security professionals from across the Middle East and consisted of technical advice, case studies and examples of security best practice in the protection of information, specifically credit card data. The Foregenix team was in Dubai and Abu Dhabi for the week meeting clients, and exhibited our FScout Cardholder Data Discovery solution at the PCI Abu Dhabi event.
Given that we (as a team) have been attending PCI DSS conferences like the PCI Abu Dhabi event going back to 2005, it is very interesting to see how the market is progressing positively towards PCI DSS compliance. Each year more companies attend these types of events, and it is clear that the level of understanding of PCI DSS is improving, certainly in the banking, processing and large merchant space.
We have also seen this in the increase in enquiries regarding our FScout Cardholder Data Discovery Solution – clearly businesses are beginning to work out that they need to accurately find where they are storing cardholder data within their business, so that they can protect it, or securely delete it if it is no longer needed. Once that’s done, the proactive security officers/managers maintain a weekly/monthly scanning schedule for unprotected cardholder data to identify leaks in their systems and processes or malicious behaviour. This takes very little effort once the initial scanning is completed and gives them the assurance that their data is not sitting unprotected anywhere in their business. This regular scanning for cardholder data also helps them with their PCI DSS project, in that they can prove to their QSA that they are taking thorough, automated steps to maintain their PCI Cardholder Data Environment, as outlined in the guidance notes on PCI DSS v2.0 that read as follows:
The first step of a PCI DSS assessment is to accurately determine the scope of the review. At least annually and prior to the annual assessment, the assessed entity should confirm the accuracy of their PCI DSS scope by identifying all locations and flows of cardholder data and ensuring they are included in the PCI DSS scope. To confirm the accuracy and appropriateness of PCI DSS scope, perform the following:
- The assessed entity identifies and documents the existence of all cardholder data in their environment, to verify that no cardholder data exists outside of the currently defined cardholder data environment (CDE).
- Once all locations of cardholder data are identified and documented, the entity uses the results to verify that PCI DSS scope is appropriate (for example, the results may be a diagram or an inventory of cardholder data locations).
- The entity considers any cardholder data found to be in scope of the PCI DSS assessment and part of the CDE unless such data is deleted or migrated/consolidated into the currently defined CDE.
- The entity retains documentation that shows how PCI DSS scope was confirmed and the results, for assessor review and/or for reference during the next annual PCI SCC scope confirmation activity.
While the PCI Abu Dhabi event was a great success for all who attended, a portion of the PCI market that remains a significant concern to us (both as information security professionals and consumers) is the smaller end of the merchant market. These merchants very rarely seem to attend such events and, from our forensic investigation experience with many of these types of business, have very little knowledge or understanding of the concepts of PCI DSS and securing customer data. Hopefully in future events/conferences we will start to see more participation from these types of business, as they make up the vast majority of the merchants in the market and they need the education to protect their client data.
In conclusion, it was a very successful event and commendations go out to AKJ Associates for a very well run, professional event. We’d also like to say thank you to all the people and companies that were in contact with us at the PCI Abu Dhabi event – we appreciate your interest in our business and our FScout Cardholder Data Discovery solution. If you require any further information, please get in touch.