Huntsman’s continuous, real-time compliance monitoring a boon for organisations covered by PCI-DSS 3.0
With the new PCI-DSS Version 3.0 standard coming into effect on 1st January 2015, compliant organisations with updated control environments need continuous monitoring and real-time visibility of compliance alerts more than ever.
Cyber security threat management specialist Huntsman has provided full support for PCI-DSS compliance monitoring within its advanced security monitoring, SIEM and threat detection solutions for some time.
The standard has evolved in response to the changing threat environment; the increasing need to manage card fraud exposure; and following the high profile retail sector breaches of the last few years. The updated requirements in PCI-DSS Version 3.0 have meant organisations having to confirm and clarify their control environments during recent months, ahead of January’s deadline.
Huntsman has provided a comprehensive compliance pack for the PCI-DSS standard for some time. The extensive library of queries/reports and alerts are included free of charge within the core product, rather than being an extra expense or add-on as is the case with some of its competitors.
Peter Woollacott, CEO Tier-3 Huntsman, said: “Our customers want security monitoring, they want threat detection, they want automation. Yet they also need to be able to report on compliance and see the state of the control environment against the backdrop of their regulatory or legal obligations.”
Huntsman®’s market-leading, business-focussed Governance, Risk and Compliance (GRC) dashboards give a clear stakeholder view of the true status of compliance against PCI-DSS (and other standards). They do this by grouping controls and information together and delivering instant clarity against the control requirements in a way that makes sense to business and compliance managers who want to know not only where safeguards are working, but also where there are actual, or emerging, issues.
Peter Woollacott continued: “Some solutions only go as far as displaying information about low-level technical metrics; but boards want to know at a higher level where they can rest easy, and where they have compliance issues. Providing this visibility in real-time and in a way that makes sense is a major advantage.”
The PCI-DSS 3.0 standard itself highlights this need. It insists that:
“PCI DSS should be implemented into business-as-usual (BAU) activities as part of an entity’s overall security strategy.”
The importance of continuous compliance monitoring at all times, not just during periodic audits, is not lost on the PCI standards council or on the Tier-3 Huntsman compliance experts.
Huntsman® Enterprise SIEM is available now across all territories with a range of compliance solutions including for PCI-DSS, ISO27001, GPG13, FISMA, ISM, APRA, SOX etc. Please contact Huntsman at info@huntsmansecurity.com.au for further information.