Tag Archives: PCI
HALOCK Presenting on PCI Compliance at The Payments Academy Annual Conference
Viviana Wesley of HALOCK Security Labs and Justin Evans of the University of Iowa will be presenting at The Payments Academy Annual Conference, held May 7-10, 2023, in Indianapolis, Indiana. Registration details are available on the website.
Why Sensitive Data Scanning is so Important Today
Organizations have a lot of data; more than we realize, and it continues to grow. Each day, we create and store all this data in our systems then pack it up and save it somewhere – just to put it away, even temporarily… until it is needed. The challenge is how to easily manage, categorize, […]
Keeping Track of PCI DSS v4.0
UPDATED AS OF JULY 2021 UPDATE: New Blog on PCI DSS 4.0 Get updates on the status on PCI DSS review of the 2019 RFC comments, when the final version of PCI DSS is planned to be completed, timing of the next request for comments (RFC), and information about the RFC feedback they received.
Does CCPA Affect You? What the 2020 Deadline Means for Reasonable Security
The California Consumer Privacy Act (CCPA) and more states are shaping data privacy management for reasonable security.
Clarifying the new PCI DSS 3.2 Requirements for Service Providers
By Viviana Wesley, PCI QSA, ISO 27001 Auditor The process of securing cardholder data is a shared responsibility amongst multiple parties that play a role in the card transaction process. They include merchants, processors, acquirers, backup tape storage facilities, issuers and service providers just to name a few. All of these entities play a part in […]
THE FTC IS TELLING US THAT PCI DSS CERTIFICATION IS NOT ENOUGH. NOW WHAT?
As part of its enduring interest in LifeLock, Inc., the Federal Trade Commission issued the following statement on December 17, 2015, “PCI DSS certification is insufficient in and of itself to establish the existence of reasonable security protections … the existence of a PCI DSS certification is an important consideration in, but by no means […]
A Merchant’s Guide to PCI SSC Compliance
A Merchant’s Guide to PCI SSC Compliance By Morgan Rickel PMP, QSA If you are a merchant considering the implementation of a mobile payment acceptance solution, or if you are currently using one, the Payment Card Industry Security Standards Council (PCI SSC) has determined that one of the major risk factors in validating mobile payment […]
Version 3.2 of the PCI DSS to be Released in Q2, ARE YOU READY?
Payment Card Industry Security Standards Council (PCI SSC) by Viviana Wesley, PCI QSA, ISO 27001 Auditor The Payment Card Industry Security Standards Council (PCI SSC) will be releasing version 3.2 of the Payment Card Industry Data Security Standard (PCI DSS) in the second quarter of 2016 and will become effective as soon as it’s published. PCI […]
REDUCING RISKS THROUGH COMPENSATION: HOW TO INSTITUTIONALIZE RISK MANAGEMENT IN EMPLOYEE INCENTIVE COMPENSATION PLANS
REDUCING RISKS THROUGH COMPENSATION. Has your organization been struggling to achieve its compliance goals? Whether your organization is new to risk management or you’ve been struggling with compliance for some time, making compliance a part of every employee’s compensation plan is a smart strategy. This can get everyone in your organization thinking about information security […]