As I previously shared in our blog, Cybersixgill recently became the first actively contributing cyber intelligence company to align with the Payment Card Industry Security Standards Council (PCI SSC). PCI SSC is a global forum of payments industry leaders that develops and drives adoption of data security standards and resources for safe payments worldwide. By actively contributing to the PCI Data Security Standard (PCI DSS) and aligning with the council’s mission of developing and upholding data security and protection, Cybersixgill can help companies assess and measure their compliance posture against the new PCI DSS v4.0, which was published on April 1st, and address emerging threats.
This latest update has many high-level goals to ensure that the standard continues to meet the payments industry’s security needs. So how can security leaders implement best practices and promote security continuously and consistently? In this second installment of the blog series about PCI DSS, I’ll share my insights into how organizations can best achieve their security objectives.
How Risk-Based Cyber Threat Intelligence Enables Proactive Action:
Like many other frameworks and standards, the goal of PCI DSS is to achieve data protection by taking a risk-based approach towards measuring the effectiveness of security controls that are used within the standard. This enables the standard to continue to modernize and evolve, while allowing for new technologies and techniques to be employed in the effort to improve the protection of payment data.
The prioritization of system gaps is a core area that benefits from progress in continuous security and solution flexibility – both open opportunities to enrich the security assessment process by finding gaps faster and by allowing businesses to use a broader set of solutions to accelerate their security audit. For instance, the effective use of risk-based cyber threat intelligence (CTI) helps to enrich and prioritize the collection of security information, and leads security professionals to the root cause of significant security incidents. As a result, they are able to take proactive action and move through the remediation and mitigation phase of the audit.
In a nutshell, risk-based CTI provides a faster way to analyze information about the intent, capabilities, and opportunities of adversaries in cyberspace and make proactive decisions to defend against today’s most challenging threats. How? Risk-based CTI is prioritized with context so that security professionals can find the system gaps that hold the highest liability to the organization if left unchecked. Threat intelligence is collected by gathering data from social media platforms, app stores and repositories, leaked databases, chat channels, dark web forums and black markets, and then analyzed with both manual and machine learning techniques.
The end result is contextualized, actionable intelligence on attack indicators, data leakage, phishing, brand impersonation and data fraud that helps security professionals understand what steps to take to address the most important threats. That means organizations can quickly discover and qualify requirement gaps, continuously prioritize vulnerabilities based on quantitative risk metrics, and stay on top of PCI DSS protection policy hygiene.
How PCI DSS and Risk-Based Cyber Threat Intelligence Protect Payment Data:
- Enriches PCI vulnerability prioritization by providing a seamless in-line integration with traditional vulnerability management techniques and solutions, while delivering continual assessment of external organizational security risks. That means analysts are able to re-prioritize patch management efforts and incorporate broader threat intelligence from across the web to uncover vulnerabilities that traditional vulnerability scan tools simply do not catch or pass over.
- Enhances the pre-assessment routine with additional metrics indicating the real risk posed by threat actors who may be exploiting, or planning to exploit, known vulnerabilities. This gives organizations a second set of eyes on vulnerabilities that could lead to violations of, and weaknesses in, their data security policies.
- Identifies, collects and analyzes an organization’s digital footprint to uncover potential attacks on PCI-covered systems before they are carried out. This enables security teams to fortify their defenses with enforceable action plans that go beyond the typical cursory analysis of their IT estate.
- Provides a pre-emptive view of threats that may target an organization in the future, giving it insight into the likely shape of coming cyber-attacks.
Organizations need to meet the evolving requirements of the new PCI DSS 4.0 standard and shift to a prioritized, risk-based posture by deploying risk-based CTI in alignment with their cybersecurity framework, while also measuring their compliance posture against regulatory requirements. Only then can they effectively detect and protect against cyber threats and comply with global privacy laws, regulations, and compliance requirements.
Want to learn how Cybersixgill can help you assess, measure, and prioritize compliance posture with the PCI DSS, including the new v4.0 release and address emerging threats? Contact us to discuss your threat intelligence needs and goals.