Compliance Journal

Advancing acceptance and implementation of continuous PCI DSS compliance in the retail industry, Lightwave Security today introduced SecureAware, an automated IT GRC system that helps organizations manage business risks and comply with Payment Card Industry (PCI) security standards as well as governmental regulations such as GLB, SOX and HIPAA while utilizing ISO 27000 best practices.

Lightwave Security will showcase the PCI DSS capabilities of SecureAware Jan. 10-13, 2010, at the National Retail Federation (NRF) 99th Annual Convention and Expo in New York City.

"Being compliant with the Payment Card Industry's Data Security Standard (PCI DSS) doesn't protect retailers from a data breach," said Gary Blume, senior vice president, Strategic Business Technology Solutions, Lightwave Security. "Instead, merchants should view PCI compliance with a 'security and risk' mindset. Ideally, a retailer should know its PCI DSS compliance status on a daily basis, be able to adapt to updates in the standard, and ensure that employees are educated on security policies and are following them."

Blume said SecureAware® provides total oversight of the entire PCI compliance process, including technology-based components. The system is an automated workflow optimized to manage and monitor event and feedback information from multiple components with an at-a-glance summary, and to assess and report on these controls in every form needed, from installation to the results produced. An automated IT GRC tool delivered as "Software as a Service" (SaaS), hosted at a remote location and delivered over the Internet, makes it affordable for any size merchant.