Blog

PCI DSS

5 Tips for Becoming PCI DSS Compliant

The Payment Card Industry Data Security Standard (PCI DSS) is required by contract for those handling cardholder data, whether you are a startup or a global enterprise. 

PCI DSS

Changes to SAQs for PCI DSS v3.2.1

Last month I wrote about the new PCI DSS standard version 3.2.1 and how nothing of significance had changed.

Though that

PCI DSS

What's new in PCI DSS 3.2.1

In May 2018, the PCI Security Standards Council, the authors of the PCI DSS standard, issued a new version of that standard -

PCI DSS, SOC2, vCISO, HIPAA, CIS Controls, Security Program

How much of your Information Security function can you safely outsource?

Outsourcing is now very common among technology companies. Sometimes a whole function, such as accounting, HR, or marketing, is delegated externally. Even R&D can be delivered by remote teams, often in other countries.

So what about

PCI DSS, SOC2, CISO, vCISO, HIPAA, CIS Controls, Security Program

7 Advantages of using a "virtual CISO" (vCISO)

A growing trend in the world of Cyber Security is companies outsourcing some or all of their Information Security teams. This can be just a ...

PCI DSS

Common Key Controls Tested in PCI DSS assessments

As a company interested or required to become PCI DSS compliant, you have a list of key controls you must have in place with proper auditing ...