Category Archives: PCI Compliance

HALOCK 2020 Cyber Calendar Privacy

2020 The Year of Privacy

December 6, 2019

Download your 2020 calendar, noted with key dates to help keep you compliant.

2020 Calendar Data Privacy HALOCK
Download your calendar


PCI DSS v4.0 HALOCK Reasonable Security

What we know about PCI DSS v4.0 now

September 16, 2019
(more…)
HALOCK PCI Enforced Reasonable Security Acceptable Risk PCI DSS v4.0

How is PCI DSS Enforced?

July 8, 2019

Unlike most regulations you may be familiar with, the PCI DSS is enforced by contract – here is a quick look at the process; learn more about how you can be PCI compliant. Download your reference sheet.

Get Ready for PCI DSS v4.0

HALOCK PCI Security Software Reasonable Security Controls Acceptable Risk

PCI Software Security Framework

June 7, 2019

For businesses using PA-DSS assessed applications the time is near to start considering the new Software Security Framework that the PCI Council that will be mandated soon. (more…)

Reasonable Security CCPA States Privacy HALOCK Security Labs Reasonable Security

Does CCPA Affect You? What the 2020 Deadline Means for Reasonable Security

May 9, 2019

The California Consumer Privacy Act (CCPA) and more states are shaping data privacy management for reasonable security.

(more…)
HALOCK Pen Testing Case Study Image

A Penetration Test Case Study: Retail

March 4, 2019

How a retailer with both brick and mortar and online stores reduced overhead costs to allow re-investment into the business by validating PCI DSS compliance through penetration testing.

(more…)
HALOCK 23NYCRR500 TPRM Third Party Reasonable SecurityVendor Risk

Cybersecurity Regulations: What the NYCRR 500 Deadline of March 1, 2019 Means to You

February 25, 2019

New York City is often referred to as the financial capital of the world; with the state of cybersecurity today and the increasing barrage of threats that financial related institutions must combat on a daily basis, it is no wonder that New York became the first state to take government action to do something about it.  (more…)

HALOCK Third Party Vendor Risk HALOCK Information Security Reasonable Safeguards Duty of Care

Ready for March 1, 2019? 23 NYCRR 500 SECTION 11

February 12, 2019

THE NEW YORK STATE DEPARTMENT of FINANCIAL SERVICES (DFS) CYBERSECURITY REGULATION 23 NYCRR 500 SECTION 11

(more…)
Vulnerability Risk PCI DSS Infosec

PCI Deadline is Fast Approaching on June 30, 2018

February 15, 2018

by Viviana Wesley PCI QSA, ISO 27001 Auditor – Managing Consultant, Governance & Compliance Services

Cyber security is a moving target.  The technology and policies that kept users, devices and data safe at one time are eventually compromised at some point by the growing skills of cybercriminals and technology itself.  This is one of the reasons security standards such as PCI DSS (Payment Card Industry Data Security Standard) are moving targets as well.  Things never remain stationary in a world that is digitally transforming itself and security standards would not be relevant unless they dynamically changed along with the world. (more…)

Clarifying the new PCI DSS 3.2 Requirements for Service Providers

January 26, 2017

By Viviana Wesley, PCI QSA, ISO 27001 Auditor

The process of securing cardholder data is a shared responsibility amongst multiple parties that play a role in the card transaction process. They include merchants, processors, acquirers, backup tape storage facilities, issuers and service providers just to name a few. All of these entities play a part in the far-reaching responsibility of protecting consumer data. The Payment Card Industry Data Security Standard or PCI DSS is the roadmap that they can turn to in order to prevent the compromising of primary account numbers (PAN) and other sensitive consumer credit card information. (more…)

1 2 3 10