E-Commerce: Balancing Speed to Market and Payment Security

With COVID-19 we are seeing a shift from bricks and mortar to e-commerce, particularly in the retail sector – James Reynolds takes a look at what companies can do to ensure they are PCI compliant and online payments are protected. As companies look at how they will continue to trade during the pandemic, many are …

The Road to Becoming a Qualified Security Assessor

After spending over 30 years in IT, with a great deal of time spent in security, I find myself with more than a few credentials closer to this end of my career than when I first started. One of my greater accomplishments is my certification as a Payment Card Industry Security Standards Council (PCI SSC) …

PCI-DSS version 4.0: Impacts to an Organization

The next version of the PCI-DSS is a long time coming. The majority of current PCI controls in version 3.2.1 are 10-years or older. Year-to-year the standard itself has changed very little and version 3.0, released in 2015, has minimally changed in the last 5 years. The PCI-DSS v4.0 was released to PCI SSC stakeholders …

Guidance for PCI Assessments During COVID-19

One of the challenges of information security and compliance is dealing with evolving requirements. The current pandemic with Covid-19 has further added complexity to how we operate and maintain secure payment systems. Not only do we have technical and administrative controls to manage and maintain but we also must address public health and safety concerns …