PCI DSS v4.0 – RFC Timeline Update
The PCI SSC announced that the planned completion date for PCI DSS v4.0 is Q4 2021. (more…)
Category Archives: PCI Compliance
Using Pandemic Lessons and Risk Assessments to Prepare for PCI DSS 4.0
The NAPCP Commercial Card & Payment Conference is set for May 10-21, 2021, and it will be virtual. The annual event remains the can’t-miss event for the Commercial Card and Payment industry which brings together hundreds of professionals from around the world to share perspectives on all Commercial Card and Payment vehicles and other electronic payment options. (more…)
2021 Cyber Trends
While large-scale transitions to our business environments changed in 2020 due to the COVID outbreak and implementation of remote work strategies, we are still forecasting how to create an adaptable security plan for the near future. Many are probably more than ready to move on to 2021 as quickly as possible, while hoping for a more stable and unobtrusive year ahead. In order to ensure that your desired level of “regularity” becomes reality, it is critical to understand what cybersecurity trends will play out in 2021. Our professionals shared some insight on key areas to focus. (more…)
Skimming the Surface of Information Theft in 2020
Social distancing may have limited our physical interactions, but it also increased our electronic activities. So many of our daily pursuits are now done electronically – and some users for the first time. Although we have to disclose so much of our personal data online, cyber security is often an afterthought to the average consumer. (more…)
Cyber Security Case Study: Maintaining PCI Compliance
HALOCK partners with a research university to conduct a comprehensive PCI DSS project to ensure PCI compliance. (more…)
PCI DSS Case Study: Security Gaps in Policy & Practice
During a PCI Assessment for a global retailer, HALOCK discovered and helped resolve significant breakdowns in security policies and practices implemented at the stores. (more…)
Keeping Track of PCI DSS v4.0
UPDATE: New Blog on PCI DSS 4.0
Get updates on the status on PCI DSS review of the 2019 RFC comments, when the final version of PCI DSS is planned to be completed, timing of the next request for comments (RFC), and information about the RFC feedback they received. (more…)
PCI DSS v4.0 Expected Mid-2021
UPDATE: New Blog on PCI DSS 4.0
Get updates on the status on PCI DSS review of the 2019 RFC comments, when the final version of PCI DSS is planned to be completed, timing of the next RFC, and information about the RFC feedback they received. The new blog covers timing of supporting documents, transition between PCI DSSv3.2.1 and v4.0, an explanation of “future-dated requirements,” development and transition timelines for the project and more.
The PCI SSC just announced that the final version of PCI DSS v4.0 won’t be published until 2021 and won’t be required for 2 years after the publication date.
(more…)
Payment Processing in a Remote Working Environment
Organizations are facing a lot of change with remote work set ups – in both physical location and operational shifts. Especially challenged are businesses that manage credit card information electronically and over the phone. These new working conditions unearth new risks for sensitive data. Social distancing can also bring about more social engineering attempts. According to the U.S. Secret Service, social engineering/phishing is a very common online attack right now.* (more…)