by Viviana Wesley PCI QSA, ISO 27001 Auditor – Managing Consultant, Governance & Compliance Services Cyber security is a moving target. The technology and policies that kept users, devices and data safe at one time are eventually compromised at some point by the growing skills of cyber criminals and technology itself. This is one of […]
Payment Card Industry Security Standards Council (PCI SSC) by Viviana Wesley, PCI QSA, ISO 27001 Auditor The Payment Card Industry Security Standards Council (PCI SSC) will be releasing version 3.2 of the Payment Card Industry Data Security Standard (PCI DSS) in the second quarter of 2016 and will become effective as soon as it’s published. PCI […]
SSL No Longer Considered Strong Cryptography Author: Viviana Wesley, PCI QSA. In a recent bulletin the Payment Card Industry Security Standards Council (PCI SSC) stated that updates will be forthcoming to the Data Security Standard (DSS) version 3.0 – and very soon. The change is related to vulnerabilities seen with Secure Socket Layer (SSL) cryptography.
Now that you know that Heartbleed is potentially exposing your secure systems to malicious hackers, you need to know what to do about it. Not only does that mean you need to secure your systems (even the ones you don’t yet know use Open SSL), but you also need to be able to understand the […]