Eric Sampson

Eric Sampson is a Senior Manager with Schellman & Company, LLC. Prior to joining Schellman in 2008, Eric specialized in security assessments, GLBA, ISO, global privacy, and penetration testing assessments. At Schellman, Eric is focused primarily on PCI, SOC, and WebTrust for Certification Authorities (CA) examinations for organizations across various industries. Eric has over 15 years of experience serving clients in various industries, including cloud and technology service providers, healthcare, and financial services, among others. Eric has led hundreds of project engagements in the areas of PCI, System and Organization (SOC) examinations (SOC 1, SOC 2, SOC 3), WebTrust for CAs, HIPAA, Federal PKI, and agreed-upon procedures. Eric contributes significantly to internal methodologies and team development. Eric also has notable training, knowledge, and professional services contributions in the areas of US and European Union privacy regulations, ISO 27001, NIST 800-53, and HITRUST.

  • Preparing for the PCI DSS Customized Approach

    Schellman's Eric Sampson outlines PCI DSS v4.0 and what you should know before considering the customized approach framework

  • The Three-Sphere Circus of Compliance

    When wrestling with compliance requirements, CISOs often feel like performers in the middle of a three-ring circus trying to juggle spheres of compliance.

  • Getting started with your PCI DSS Charter

    Well over a year ago, the PCI Standards Council announced, in addition to other requirements, that a PCI charter would now be required for service providers after January 31, 2018.  Few...

  • To PIN, or NOT to PIN - That Is The Question

    This month, Wal-Mart Stores Inc. sued Visa Inc. for the right to require customers to enter a PIN when using a chip-based debit card.  Currently, customers have the option to pass on entering a...

  • Are You Ready For Some PCI DSS v3.2?

    Coming in April 2016, the PCI Security Standards Council (SSC) is releasing an incremental update to the PCI DSS in version 3.2.  As an incremental update, there are minor changes to the PCI DSS...

  • PCI Compliance - Managing Third-Party Service Providers

    The PCI Security Standards Council (SSC) recently published an information supplement on third-party security assurance that provides a set of guidelines for understanding how to manage...

  • 4 Lessons Learned From High Profile Credit Card Breaches

    The media has been filled with stories of high profile credit card breaches, including those from Target, Neiman Marcus, P.F. Chang’s and most recently Home Depot. Details on the Home Depot breach...

  • What Do the PCI Levels Mean?

    PCI levels are categories that the PCI Security Standards Council (SSC) and card brands (VISA, MasterCard, American Express, Discover, and JCB) use to determine PCI compliance validation and...

  • PCI: What Are The Benefits of a PCI Assessment?

  • PCI SSC 2013 Community Meeting Takeaways

    Via: InfoQ
