What is PCI DSS compliance and why is it important?
In a lot of countries can declare that cash is no longer king, ensuring the secure handling of cardholder data is therefore extra important
The importance of being transparent in PCI DSS
It is very important for an entity starting its compliance process to perform a GAP analysis towards the standard.
The scoping exercise: the foundation for PCI DSS compliance
The more complex your processes and systems for storing, transmitting or processing cardholder data are, the harder to maintain compliance
How security measures keep the scare away 👻
When was the last time your organization ensured all personal data and business critical applications were tested for vulnerabilities?
Security/privacy by design and software development
Understand the concept of security/privacy by design with regards to software development, the GDPR and the PCI DSS.
PCI-DSS vs ISO 27001
The objective for both standards is to secure and manage company information, but they do so in different ways and to different extents.
Are you protecting your client data securely enough?
If you’re a small to medium sized business do you have to meet as many requirements and jump through as many hoops as a large enterprise?
Penetration Testing Guidelines and Best Practices – Part 1
What does PCI DSS say about penetration testing? PDI DSS does provide some guidelines to penetration testing. What the PCI standard explicitly mandates about penetration testing is illustrated in Requirement 11.3, requiring organizations to perform annual penetration tests that would mainly: While the composition of the network layer tests is left to the discretion of the […]
Can tokenization reduce PCI DSS audit scope?
Tokenization replaces cardholder data with an “alias”, a separate random-generated value called a token. Learn more on the blog
The Basics of Penetration Testing in PCI DSS
A penetration test could be described as but realistic cyber attack that aims to determine how deep an attacker would be able to penetrate