The Three-Sphere Circus of Compliance
When wrestling with compliance requirements CISOs often feel like they are a performer in the middle of a three-ring circus trying to juggle spheres of compliance.
Getting started with your PCI DSS Charter
Well over a year ago, the PCI Standards Council announced, in addition to other requirements, that a PCI charter would now be required for service providers after January 31, 2018. Few...
To PIN, or NOT to PIN - That Is The Question
This month, Wal-Mart Stores Inc. sued Visa Inc. for the right to require customers to enter a PIN when using a chip-based debit card. Currently, customers have the option to pass on entering a...
Are You Ready For Some PCI DSS v3.2?
Coming in April 2016, the PCI Security Standards Council (SSC) is releasing an incremental update to the PCI DSS in version 3.2. As an incremental update, there are minor changes to the PCI DSS...
PCI Compliance - Managing Third-Party Service Providers
The PCI Security Standards Council (SSC) recently published an information supplement on third-party security assurance that provides a set of guidelines for understanding how to manage...
4 Lessons Learned From High Profile Credit Card Breaches
The media has been filled with stories of high profile credit card breaches, including those from Target, Neiman Marcus, P.F. Chang’s and most recently Home Depot. Details on the Home Depot breach...
What Do the PCI Levels Mean?
PCI levels are categories that the PCI Security Standards Council (SCC) and card brands (VISA, MasterCard, American Express, Discover, and JCB) use to determine PCI compliance validation and...
PCI: What Are The Benefits of a PCI Assessment?
What Are The Benefits of a PCI Assessment?
PCI SSC 2013 Community Meeting Takeaways