What Happens After 30 June 2018? New Guidance on Use of SSL/Early TLS

Posted by Laura K. Gray on 15 Jun, 2018 in Guidance and TLS/SSL and PCI DSS
Following the release of PCI DSS v3.2.1 to account for dates that have already passed, such as the 3... READ MORE

Guidance: Multi-Factor Authentication

Posted by Laura K. Gray on 1 Dec, 2017 in Guidance and Passwords and Multi-Factor Authentication and Educational Resource and Remote Access
  Attackers continue to compromise valid user credentials to access company networks and steal payme... READ MORE

How the SHA-1 Collision Impacts Security of Payments

Posted by Lindsay Goodspeed on 14 Mar, 2017 in Guidance and Encryption and PTS POI
Recently, Google and CWI Institute in Amsterdam announced that they successfully created a “hash col... READ MORE

Understanding New PCI Guidance on MFA

Posted by Laura K. Gray on 9 Feb, 2017 in Guidance and Passwords and Interview and PCI DSS and Multi-Factor Authentication and PCI SSC
  Attackers continue to compromise valid credentials to access company networks and steal data. To h... READ MORE

Assessor Viewpoint: Q&A on Scoping and Segmentation Guidance

Posted by Lindsay Goodspeed on 15 Dec, 2016 in Guidance and Interview and PCI DSS and Scoping and Segmentation
The Council just published new Guidance for PCI DSS Scoping and Network Segmentation to help clarify... READ MORE

Why Become a PCI Professional? Here are 3 Good Reasons

Posted by Gill Woodcock on 8 Apr, 2016 in Guidance and Training and Awareness and PCI DSS and PCI Professional
If you are looking at the PCI Professional (PCIP) program you may be asking “What’s in it for me?” o... READ MORE

New Guidance: Responding to a Data Breach

Posted by Laura K. Gray on 29 Sep, 2015 in Breaches and Guidance and Community Meetings
For any organization connected to the internet, it is not a question of if but when their business w... READ MORE