Resource for Small Merchants: Glossary of Payment and InfoSec Terms

Posted by Lindsay Goodspeed on 28 Feb, 2019 in Small Business and Guidance and Small Merchant Resources and SMB Series
In 2015 the PCI SSC created the Small Merchant Taskforce, a cross-industry consortium of payment sec... READ MORE

Resource for Small Merchants: Common Payment Systems

Posted by Lindsay Goodspeed on 12 Feb, 2019 in Small Business and Guidance and Small Merchant Resources and SMB Series
In 2015 the PCI SSC created the Small Merchant Taskforce, a cross-industry consortium of payment sec... READ MORE

Update to Maintaining Compliance Information Supplement

Posted by Lindsay Goodspeed on 29 Jan, 2019 in Guidance and Awareness and PCI DSS and Compliance and SIGs and BAU
  The Council just published Information Supplement: Best Practices for Maintaining PCI DSS Complian... READ MORE

Industry Guidance on Accepting Telephone Payments Securely

Posted by Lindsay Goodspeed on 27 Nov, 2018 in Guidance and PCI DSS and SIGs
  PCI SSC just published an updated version of the Special Interest Group information supplement Pro... READ MORE

What Happens After 30 June 2018? New Guidance on Use of SSL/Early TLS

Posted by Laura K. Gray on 15 Jun, 2018 in Guidance and TLS/SSL and PCI DSS
Following the release of PCI DSS v3.2.1 to account for dates that have already passed, such as the 3... READ MORE

Guidance: Multi-Factor Authentication

Posted by Laura K. Gray on 1 Dec, 2017 in Guidance and Passwords and Multi-Factor Authentication and Educational Resource and Remote Access
  Attackers continue to compromise valid user credentials to access company networks and steal payme... READ MORE

How the SHA-1 Collision Impacts Security of Payments

Posted by Lindsay Goodspeed on 14 Mar, 2017 in Guidance and Encryption and PTS POI
Recently, Google and CWI Institute in Amsterdam announced that they successfully created a “hash col... READ MORE

Understanding New PCI Guidance on MFA

Posted by Laura K. Gray on 9 Feb, 2017 in Guidance and Passwords and Interview and PCI DSS and Multi-Factor Authentication and PCI SSC
  Attackers continue to compromise valid credentials to access company networks and steal data. To h... READ MORE

Assessor Viewpoint: Q&A on Scoping and Segmentation Guidance

Posted by Lindsay Goodspeed on 15 Dec, 2016 in Guidance and Interview and PCI DSS and Scoping and Segmentation
The Council just published new Guidance for PCI DSS Scoping and Network Segmentation to help clarify... READ MORE

Why Become a PCI Professional? Here are 3 Good Reasons

Posted by Gill Woodcock on 8 Apr, 2016 in Guidance and Training and Awareness and PCI DSS and PCI Professional
If you are looking at the PCI Professional (PCIP) program you may be asking “What’s in it for me?” o... READ MORE

New Guidance: Responding to a Data Breach

Posted by Laura K. Gray on 29 Sep, 2015 in Breaches and Guidance and Community Meetings
For any organization connected to the internet, it is not a question of if but when their business w... READ MORE

MOST READ

MUST READ