Get latest articles directly in your inbox, stay up to date

tags

PCI PCI Community PCIDSS PCI DSS v4.0 PCI Requirements

The Time is Now for Future-Dated PCI Requirements
By Dan Lapierre on September 20, 2024

Hey PCI Champions! Don’t Breathe a Sigh of Relief Just Yet

Congratulations on snagging your v4.0 Report on Compliance (ROC) and Attestation of Compliance (AOC)! You might be thinking, “...

tags

Security PCIDSS4.0 PCI Requirements OBS Global PIN QPA/PIN

What the PIN?! 3 Entities that MUST Comply with the PCI PIN Standard
By Greg Kraft on May 2, 2024

Are you an acquirer or processor that manages PIN data, a vendor that provides systems that handle PIN data, or a merchant that stores, processes, or transmits PIN data? If so, you will want...

tags

Security PCIDSS4.0 PCI Requirements OBS Global encryption

Disk Level Encryption: The 3.2.1 Magic Bullet has been Left Behind
By Paul Gregoire on November 1, 2023

Prepare for a transformative shift in cardholder data security with PCI DSS v4.0. With native disk encryption no longer a shield, organizations worldwide must swiftly adapt, revisiting...

tags

Security PCI RSP PCIDSS4.0 PCIDSS PCI DSS v4.0 OBS Global

Take a Pit Stop – 5 Point Inspection Questions to Consider NOW before the 4.0 Last Lap
By Sherri Collis & Steve Levinson on June 21, 2023

2023 is flying by. Before you can say March 2024, v3.2.1 of the PCI DSS will be retired. Do you know what your organization needs to do to cross the v4.0 finish line, and how much time it...

tags

Security InfoSec PCIDSS4.0 Payment Card Industry Network Breach Unpatched Systems Patch

#1 Preventative Measure to Stop Network Breaches
By Daryl Jackson on February 16, 2023

Despite the significant changes introduced with PCI DSS v4.0, there are many bedrock requirements that did not change. This article serves to highlight an often neglected, but extremely...

tags

Security PCI RSP PCIDSS4.0 PCIDSS PCI DSS v4.0

Three Steps to Avoiding an “In Place With Remediation” Status
By Sherri Collis & Steve Levinson on August 15, 2022

Three steps to avoiding the new "In Place with Remediation" status and using the seven P's to help -- prior proper planning prevents p*#s poor performance!

tags

Security PCI Passwords DSS CDE Network Security secure operations PCI DSS v4.0 multi factor authentication mfa remote access QSA

DSS 4.0 Clarifies, Strengthens MFA Requirements
By Jordan Wiseman & Kurt Outwater on June 2, 2022

MFA under v4.0: No more admin bypass. And no more accessing the CDE without it. Start now and make sure you’ve got the time to set up MFA correctly, and securely. Your users will thank...

tags

PCI PCIDSS4.0 PCI Assessment PCI DSS v4.0

Authenticated Vulnerability Scanning
By Jeff Man on May 2, 2022

One of the most significant changes introduced in PCI DSS v4.0 involves the documented approach for performing internal vulnerability scans. The internal vulnerability scanning requirement...

tags

PCI PCIDSS4.0 PCIDSS PCI DSS v4.0

Monitor the Monitoring
By Clark Dixon on April 21, 2022

There are two notable changes that may require a fair bit of runway to fully meet the existing requirement to monitor your critical security control systems.

tags

PCIDSS4.0

There is Trouble Brewing: In Place with Remediation
By Sherri Collis & Steve Levinson on April 21, 2022

What could possibly go wrong with calling out a non-compliant status, or “In Place with Remediation,” on your Attestation of Compliance? Do you have a storm brewing you are not yet aware of?