For a successful PCI compliance program, senior executives must understand the intent of the DSS and its unique implications for their organization. A successful compliance program can protect the organization and its stakeholders from the costly consequences of a data breach. Read More
Regular security testing is a critical component of achieving and maintaining compliance with PCI DSS. By conducting thorough security testing, organizations can address potential vulnerabilities and help ensure the protection of sensitive cardholder data. Read More
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure organizations that accept, process, store or transmit payment card data do so in a secure manner. A key change with PCI DSS... Read More
Dive into the ever-changing landscape of US state privacy laws! During this video, Gina Gondron and Jodi Daniels will explain the key concepts your business should implement to comply with the state privacy laws going into effect this year and... Read More
For the first time in the history of the DSS, PCI DSS 4.0 offers organizations the ability to customize the controls that they rely upon to secure their environments. The new Standard still contains a prescriptive set of controls that... Read More
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security controls designed to ensure that organizations that accept, process, store or transmit payment card data do so in a secure manner. One of the key changes... Read More
A critical security vulnerability has recently come to light and poses a significant risk to organizations using MOVEit Transfer, the managed file transfer software developed by Ipswitch. A zero day exploit, CVE-2023-34362, is actively being exploited by malicious hackers to... Read More
Ever since the General Data Protection Regulation (GDPR) came into effect in May 2018, US state privacy laws have been passed in Virginia, Colorado, Connecticut, Utah and, most pressing of them all, California. The California Privacy Rights Act (CPRA) went... Read More
In January 2022, the Office of the National Coordinator for Health Information Technology (ONC) published the Trusted Exchange Framework and Common Agreement (TEFCA). This marked an important milestone in the journey to establish the United States’ first national health information... Read More
Stakeholder environmental, social and governance (ESG) disclosure pressures, expectations and requirements have rapidly increased over the last two decades. According to Carrot & Sticks’ interactive map, instruments exist in more than 80 countries. In addition to the number of global reporting... Read More
