Blog Information Security

Category: PCI ComplianceX

• Common ASV Vulnerability Scan Misconfigurations 11/30/2018  |  By: Stewart Fey, Director of Technical Services

  In today’s security environment, conducting accurate PCI Assessments are an important part of an overall security strategy. I have been looking more closely at the approved…
  read more >

  Posted in: PCI Compliance
• 2 Key Thoughts from 2018 PCI North America Community Meeting 10/19/2018  |  By: Stewart Fey, Director of Technical Services

  The 2018 North American PCI Community Meeting is in the books! While there were a number of good takeaways from this year’s meeting, here are two key points I’d like to share. 1…
  read more >

  Posted in: PCI Compliance

  Tagged with: PCI compliance, PCI DSS
• 4 New Tools for Maintaining PCI Compliance 10/18/2018  |  By: John Dorling

  If you have been in a technical position for any length of time, you know how daunting it can be to explain things in layman’s terms to non-technical people. The PCI DSS is no…
  read more >

  Posted in: PCI Compliance

  Tagged with: pci compliance, pci compliance tools
• 3 Primary Goals for PCI DSS Version 4.0 10/09/2018  |  By: Mark Burnette, CPA, CISSP, CISM, CISA, CRISC, CGEIT, ITIL, QSA, Shareholder, Practice Leader of Risk Services

  The next version of the Payment Card Industry Data Security Standards (PCI DSS) is coming, but not for a while. At the PCI North America Community Meeting in September of 2018…
  read more >

  Posted in: PCI Compliance

  Tagged with: PCI compliance, PCI DSS
• PCI Compliance: Why You Should Stop, Collaborate, and Listen 10/08/2018  |  By: Brian Willis, Senior Manager, Information Security

  It’s amusing to think the Vanilla Ice lyric, “stop, collaborate, and listen,” could be used to describe the 2018 PCI North America Community Meetings, but it’s quite appropriate…
  read more >

  Posted in: PCI Compliance

  Tagged with: PCI compliance, PCI DSS
• Call Center Employees and PCI Scope 09/25/2018  |  By: Brian Willis, Senior Manager, Information Security

  If your business operates a call center, and you’re considering a PCI assessment, you’re likely wondering two things: 1. Is the call center in scope for your PCI assessment…
  read more >

  Posted in: PCI Compliance

  Tagged with: PCI Compliance, Call Center
• P2P vs. E2E Encryption: What's Best for Your Company? 09/06/2018  |  By: Stewart Fey, Director of Technical Services

  Before we dive in: This is a complex topic. While this post will provide an overview and, hopefully, give an indication as to what might benefit your organization in your next PCI…
  read more >

  Posted in: PCI Compliance, Compliance and Audit

  Tagged with: P2P encryption, E2E encryption, PCI DSS
• How to Meet the Newest PCI DSS Requirements in Your Next Assessment 06/28/2018  |  By: Brian Willis, Senior Manager, Information Security

  There are many things in life you can do on “autopilot:” brushing your teeth, taking out the trash—you get the idea. But, achieving PCI compliance is not one of those things. The…
  read more >

  Posted in: Compliance and Audit, PCI Compliance

  Tagged with: PCI DSS v3.2.1
• What's New in PCI DSS v3.2.1? 05/21/2018  |  By: Stewart Fey, Director of Technical Services

  The time has come. The PCI Council has released a revision to PCI DSS version 3.2. Here’s what you need to know. The revision was published May 17, 2018. The Council has…
  read more >

  Posted in: PCI Compliance, Compliance and Audit

  Tagged with: PCI DSS v3.2.1
• The Anatomy of a Phish 10/11/2017  |  By: Derek Rush, Manager

  Phishing attacks are cybercrimes conducted through email, telephone, or text messages, typically performed by a cyber-criminal posing as an institution or a trusted person to…
  read more >

  Posted in: Compliance and Audit, PCI Compliance