For anyone rolling their eyes at the advent of Version 3 of the PCI DSS and believing that the need to protect cardholder data is old news, this is a reminder of why the standard is as important as ever.
The reason why the PCI DSS demands so many requirements for security is because data theft is still going on - There must be an acknowledgment that just securing the perimeter via AV and firewalling is never going to be ‘secure enough’. Combining FIM with effective change management and a consistent build standard not only fundamentally reduces the security risk but it also minimizes the risk of downtime created by unauthorized or misguided system changes. It supports a raft of compliance requirements, most notably PCI DSS, and provides organizations with infrastructure visibility to support effective planning and investment. And, critically, unlike AV, FIM creates a secure environment that truly reflects the current threat model.