PCI DSS – Closing the Loop on ‘Card Not Present’ Fraud

PCI DSS has changed the way vendors and merchants view their networks and electronic processes. The stringent rules now imposed and subsequent vulnerability scans will have an impact on their resources as they work towards meeting the security criteria These security requirements cover the majority of fundamental IT security principals, therefore some will already be in place and others will require long term work to achieve. Defining which issues to prioritise can be difficult. There are however, some security processes that can be implemented quickly and easily allowing the longer term projects to remain unchanged.

Robin Docksey is the Information Security Manager for Play.com. His responsibilities include all aspects of information and physical security for the Play group as a whole. His career has involved all aspects of Information Security including investigations, surveys, risk analysis, auditing and policy creation. Robin started his career in counter-intelligence and computer security for the Royal Air Force, leaving in 1997 after 23 years. He then joined the NHS Information Authority as the IT Security Manager for the South East of England serving all Hospitals, Health Authorities, PCTs and surgeries, providing advice on all aspects of Information security and the protection of patient data. In 1999, he joined UBS and took on the role of IT Security Awareness Manager for EMEA. That role changed over the next six years as Robin carried out surveys and 'health checks' of financial processes, investigations into IT security related offences, mitigating outstanding audit issues and other security related processes. Since Nov 2005, Robin has been the Information Security Manager at Play.com and his prime role has been moving the Play group forward towards meeting the Payment Card Industry Data Security Standard (PCI DSS).