What Happens After 30 June 2018? New Guidance on Use of SSL/Early TLS

Posted by Laura K. Gray on 15 Jun, 2018 in PCI DSS and TLS/SSL and Guidance
Following the release of PCI DSS v3.2.1 to account for dates that have already passed, such as the 3... READ MORE

Guidance: Multi-Factor Authentication

Posted by Laura K. Gray on 1 Dec, 2017 in Educational Resource and Passwords and Remote Access and Guidance and Multi-Factor Authentication
  Attackers continue to compromise valid user credentials to access company networks and steal payme... READ MORE

How the SHA-1 Collision Impacts Security of Payments

Posted by Lindsay Goodspeed on 14 Mar, 2017 in Guidance and PTS POI and Encryption
Recently, Google and CWI Institute in Amsterdam announced that they successfully created a “hash col... READ MORE

Understanding New PCI Guidance on MFA

Posted by Laura K. Gray on 9 Feb, 2017 in PCI SSC and Multi-Factor Authentication and PCI DSS and Guidance and Interview and Passwords
  Attackers continue to compromise valid credentials to access company networks and steal data. To h... READ MORE

Assessor Viewpoint: Q&A on Scoping and Segmentation Guidance

Posted by Lindsay Goodspeed on 15 Dec, 2016 in Interview and Scoping and PCI DSS and Segmentation and Guidance
The Council just published new Guidance for PCI DSS Scoping and Network Segmentation to help clarify... READ MORE

Why Become a PCI Professional? Here are 3 Good Reasons

Posted by Gill Woodcock on 8 Apr, 2016 in Guidance and Training and Awareness and PCI DSS and PCI Professional
If you are looking at the PCI Professional (PCIP) program you may be asking “What’s in it for me?” o... READ MORE

New Guidance: Responding to a Data Breach

Posted by Laura K. Gray on 29 Sep, 2015 in Breaches and Guidance and Community Meetings
For any organization connected to the internet, it is not a question of if but when their business w... READ MORE