PCI DSS, SOC2, CIS Controls, Security Program, Privacy

2023 Security & Privacy Compliance Trends

Many Organizations are Finding Value in Continuous Compliance

In 2023, many organizations are considering cybersecurity and privacy as business accelerators. That means compliance with security and privacy regulations and programs is more prominent in the organization and

PCI DSS, Penetration Testing

Pentesting for PCI DSS

Most industry-recognized security frameworks, including HITRUST, CIS Controls and PCI DSS, stipulate penetration testing requirements as part of an organization's risk management cycle. In addition, the Payment Card Industry Security Standards

PCI DSS

How to Evade PCI Compliance

Payment Card Industry Data Security Standard (PCI DSS) compliance can be expensive for financial institutions and transaction processors that cannot avoid touching cardholder data (CHD). However, ordinary merchants can reduce the scope with

PCI DSS, SOC2, CISO, vCISO, CIS Controls, Security Program, Privacy, Red Teaming

Why You Should Hire a Virtual Data Protection Officer (vDPO) Now

The Data Protection Officer (DPO) is a role required by the EU General Data Protection Regulation (GDPR). If your organization is subject to GDPR and meets the large-scale data handling factors, you need a DPO. What can you do if you don't have an

PCI DSS

PCI DSS 4.0 is Open for Discussion

The PCI Data Security Standard (PCI DSS) is a global standard of technical and operational requirements for merchants and service providers who collect, process, or store cardholder data. The next evolution of the PCI DSS, version 4.0, is emerging.

PCI DSS, SOC2, CISO, vCISO, CIS Controls, Security Program, Privacy, Red Teaming

The Seven Essential Qualities of a vCISO

Not every business can internally support the staffing and resources necessary to independently develop robust cybersecurity and privacy programs. Fortunately, you can partially or fully outsource to trusted partners the jobs of CISO and IT security

PCI DSS

PCI DSS 4.0 Release!

Earlier this month, the Payment Card Industry Security Standards Council (PCI SSC) published the official PCI DSS version 4.0. Over the next few months, we anticipate supporting documentation to emerge and QSA training to begin.  

PCI DSS, SOC2, CISO, vCISO, CIS Controls, Security Program

Four Compliance Standards that can Accelerate Your Sales Team

Businesses must comply with a mixture of international, industry-specific and state-mandated cybersecurity regulations and require their vendors to do so. For this reason, compliance with specific cybersecurity standards becomes another way to

PCI DSS

PCI-DSS – SAD vs. CHD

PCI DSS has many rules about what you must and must not do when handling payment cardholder data. But the most stringent requirements apply to sensitive authentication data (SAD).

PCI DSS

PCI DSS Truncation Rules and Guidelines

The PCI Security Standards Council's redefined truncation rules are a mess.
