PCI DSS, Security Program

I never touch Cardholder Data. So PCI DSS does not apply to me - Right?

Payment cards have been around a long time, and nefarious schemes to take advantage of them have been around almost as long. Since most people ...

Read More

PCI DSS

The Best Ways to Maintain Your Organization's PCI DSS Documentation

Becoming compliant with payment card industry data security standard (PCI DSS) protocols can be a time-consuming process — but it’s a ...

Read More

Privacy, CCPA

CCPA grants consumers private right of action - What is that?

The California Consumer Privacy Act (CCPA) is a California state law protecting the personal information (PI) of California residents ...

Read More

PCI DSS

5 Reasons a Qualified Security Assessor Should Validate Your PCI DSS

For businesses that store, process, and transmit cardholder data, you know that you must comply with the Payment Card Industry Data Security ...

Read More

PCI DSS

When does PCI Compliance Start?

The GDPR mantra of security and privacy “by design and by default” reminds us that in every respect of a new product program security and ...

Read More

PCI DSS

5 Things You Should Know About PCI DSS Compliance

The PCI Security Standards compliance rules have been around since 2006. Despite more than a decade and a half of payment security protection, ...

Read More

PCI DSS

It’s More Important Than Ever to Maintain Compliance with PCI DSS

We hope you are all safely sequestered in your homes (whether your Governor has issued an order or not), and that you’ve successfully navigated ...

Read More

PCI DSS

Documenting the Impact of System Changes for PCI DSS Compliance

PCI DSS requirement 6.4.5.1 says that change documentation must include an assessment of the impact of the change “so that all affected parties ...

Read More

CISO, vCISO, Privacy, CCPA

No CCPA Enforcement Delay due to COVID-19

CA Attorney General will not delay CCPA enforcement due to COVID-19 An expansive new regulation like the California Consumer Privacy Act is ...

Read More

Penetration Testing, CIS Controls, Security Program, Risk Assessment

Coronavirus Cybersecurity Recommendations

In these difficult times, as many of us adapt to the disruptive new-normal of distance working, a robust information security program becomes ...

Read More