HackDig : Dig high-quality web security articles

A 5 Step Checklist for Complying with PCI DSS 4.0

In March 2022, the Payment Card Industry Data Security Standard (PCI DSS) was updated with a number of new and modified requirements. Since their last update in 2018, there has been a rapid increase in the use of cloud technologies, contactless payments have become the norm, and the COVID-19 pandemic spurred a massive growth in e-commerce and online payments
Publish At:2022-08-16 01:43 | Read:88 | Comments:0 | Tags:PCI Checklist PCI Compliance PCI DSS

PCI 4.0: The wider meanings of the new Standard

The new PCI DSS Standard, version 4.0, contains all the steps, best practices, and explanations required for full compliance. In fact, even an organization that does not process cardholder data could follow the PCI Standard to implement a robust cybersecurity program for any of its important data. In our series about how the new standard differs from the pre
Publish At:2022-07-07 01:06 | Read:410 | Comments:0 | Tags:Featured Articles PCI PCI Compliance PCI DSS Regulatory Comp

What you need to know about PCI 4.0: Requirements 1, 2, 3 and 4.

The Payment Card Industry Security Standards Council has released its first update to their Data Security Standard (PCI DSS) since 2018. The new standard, version 4.0, is set to generally go into effect by 2024, but there are suggested updates that are not going to be required until a year after that. This, of course, creates a couple of problems
Publish At:2022-06-14 06:12 | Read:758 | Comments:0 | Tags:Featured Articles PCI PCI DSS pci dss requirements Regulator

PCI DSS 4.0 and ISO 27001 – the dynamic duo

It’s not often we can say this, but 2022 is shaping up to be an exciting time in information governance, especially for those interested in compliance and compliance frameworks. We started the year in eager anticipation of the new version of the international standard for information security management systems, ISO 27001:2022, soon to be followed by version
Publish At:2022-04-28 02:08 | Read:1476 | Comments:0 | Tags:Featured Articles Regulatory Compliance ISO 27001 PCI Compli

How Achieving Compliance with PCI DSS Can Help Meet GDPR Mandates

Data security and privacy are today a prime focus for most organizations globally. While there have been several regulations and standards introduced to improve data security, the evolving landscape makes it challenging for organizations to stay compliant. For many organizations, GDPR and PCI DSS are the first topics that come to mind when privacy is concern
Publish At:2021-11-15 02:04 | Read:4512 | Comments:0 | Tags:Regulatory Compliance Access Control compliance data privacy

CISO Interview Series: Cybersecurity at a Global Scale

What is it like to not only be a CISO but to also be one in a large, global organization? I recently had the pleasure of speaking with Mark Ruchie, CISO of Entrust, a global tech firm securing data, payments and identities. Mark shared his unique journey into cybersecurity, and he went on to offer excellent advice about how companies of any size can suc
Publish At:2021-11-01 23:11 | Read:4435 | Comments:0 | Tags:Featured Articles CISO Mark Ruchie PCI DSS ransomware Zero T

PCI DSS 4.0 Is Coming – Are You Ready?

Ransomware today is a billion-dollar industry. It’s crippled industries like healthcare. In 2017, for instance, WannaCry brought much of the United Kingdom’s National Health Service to its knees using the EternalBlue exploit. It was just a few weeks later when the NotPetya ransomware strain leveraged that same vulnerability to attack lots of industries. These
Publish At:2021-03-04 02:08 | Read:2399 | Comments:0 | Tags:PCI PCI DSS

Steps for PCI DSS Gap Analysis

Complying with Standards drawn by the Payment Card Industry Security Standards Council can be complicated and time-consuming. But, with a PCI DSS Gap Analysis, the process becomes a lot easier, streamlined, and less exhaustive. PCI Gap Analysis is the first step towards the Compliance process. The assessment provides details on your current security pos
Publish At:2021-01-12 01:32 | Read:2276 | Comments:0 | Tags:Regulatory Compliance analysis gap PCI DSS

RegTech explained: a crucial toolset for the financial industry

Every organization in the financial industry needs to meet certain regulatory obligations, even if it’s just filing a tax return or submitting an annual report. In certain industries, such as financial services, they’ve added their own additional sets of rules that must be adhered to. For example, organizations who take and process credit card payments
Publish At:2020-11-06 13:17 | Read:2359 | Comments:0 | Tags:Explained AI big data cloud compliance financials identity t

Fintech industry developments, differences between Europe and the US

“Put your money in the bank and you can watch it grow.” If there is a statement that shows us how much the financial world has changed it’s this one. With the introduction of negative interest, companies and consumers with a large amount of liquid assets are looking for a different way to handle those assets. This is where the innovative fintech industry
Publish At:2020-09-15 12:43 | Read:2403 | Comments:0 | Tags:Business brexit fintech gdpr legislation online shopping pci

90% of Healthcare IT Pros Think They Could Detect a Breach within Hours

IT professionals are instrumental to strengthening an organization’s digital security. They must fulfill a variety of duties to work towards that end. One of their most important responsibilities is helping their company detect and respond to data breaches. But there’s a problem. Most information security personnel are overconfident in their organ
Publish At:2016-12-14 12:25 | Read:6857 | Comments:0 | Tags:Cyber Security Featured Articles breach EDR Patch Management

Compensating Controls: An Impermanent Solution to an IT Compliance Gap

Compliance is a concern for every organization that handles customers’ data. Unfortunately, it’s not always easy for companies to meet the security requirements of frameworks like PCI DSS. Each organization faces technological and/or business constraints; factors which shape its security decisions and sometimes rule out the implementation of cert
Publish At:2016-12-07 13:55 | Read:7072 | Comments:0 | Tags:Featured Articles IT Security and Data Protection compensati

Change Management: The Foundation to Your Organization’s IT Security

What is the first question you ask when something goes wrong in your environment? A system goes down? Service isn’t performing as it should? You flip the switch but nothing happens? In November of 1988, something happened that forever changed IT security and exponentially increased the need to ask this question. That is when the Morris worm was first distribu
Publish At:2016-10-11 01:55 | Read:7385 | Comments:0 | Tags:Featured Articles IT Security and Data Protection Change FIM

Data Breach Overconfidence Strikes Again, This Time in the Energy Sector

In its 2016 Breach Detection Study, Tripwire evaluated the confidence and efficacy of 763 information security professionals in implementing seven key security controls: PCI DSS, SOX, NERC CIP, MAS TRM, NIST 800-53, CIS Top 20 and IRS 1075. Those resources, which align with the United States Computer Emergency Readiness Team (US-CERT) recommendations and inte
Publish At:2016-09-20 12:40 | Read:6426 | Comments:0 | Tags:Featured Articles Incident Detection configuration data brea

Keeping Up with PCI DSS 3.1

Earlier this year, the PCI Security Standards Council officially released PCI DSS version 3.1 only months after its predecessor (version 3.0) came into effect. With a typical three-year period between standard revisions, the out-of-band update caught many off guard, especially organizations still in the process of complying with the changes from the previous
Publish At:2015-07-09 12:30 | Read:7084 | Comments:0 | Tags:Featured Articles PCI Regulatory Compliance NIST PCI Council

