New Infographic: PCI DSS Vulnerability Management Processes

The PCI Data Security Standard (PCI DSS) includes several requirements in Requirements 6 and 11 that govern vulnerability management and reference related timeframes.
A new FAQ and related infographic have just been published to address stakeholder questions and requests for guidance and clarity around 1) identifying and risk-ranking vulnerabilities, and 2) resolving or addressing vulnerabilities.
Vulnerability management is a cornerstone of any robust information security program. Classifying the risks (i.e., as critical, high, medium, or low) allows organizations to identify, prioritize, and address the highest risk items more quickly, and reduce the likelihood that vulnerabilities posing the greatest risk will be exploited. Identifying and addressing vulnerabilities promptly in accordance with an organization’s risk classification reduces the likelihood of a vulnerability being exploited and the potential compromise of a system component or cardholder data.
In this new FAQ and infographic, the PCI Security Standards Council (PCI SSC) shares key insights on how these vulnerability management requirements fit together, factors to consider during the vulnerability risk-ranking process, and the meaning of language used in these requirements.