1 min read
4 FAQs The PCI Security Standards Council Renamed in 2016
Anyone who relies on the PCI FAQ site for guidance may have noticed some changes in the last few months. In fact if you bookmarked some of the links...
3 min read
PCI Announces NESA - A Stepping Stone To P2PE
Earlier this month the PCI Security Standards Council published a new document as part of the Point-to-Point Encryption (P2PE) program. This initial...
4 min read
PCI Compliance Footprints: 7 Ways To Simplify Compliance, Reduce Risk And Save Money
While you may have heard of carbon footprints and ecological footprints, you might not be aware that there is such thing as a PCI Compliance...
1 min read
What's changed in PA-DSS 3.2? Impacts to Vendors, Implementers, and Operators.
Recently, Control Gap posted an article performing a detailed analysis of the recent changes in the DSS due to 3.2. We do this because the high-level...
3 min read
PCI Under The Microscope
The PCI Council has testified before Congress about standards and breaches in both 2014 and 2009 (links are to Google Searches). This year PCI is...
2 min read
The Panama Papers - a new kind of breach?
In the world of data breaches, it’s not often that we see something totally new. This last week we may just have had such a thing. Most people are...
4 min read
Why the Apple vs. FBI Dispute Is A Good Thing
The Internet and mainstream media has been ablaze with articles and opinion pieces about the dispute between the FBI and Apple over an iPhone used by...
2 min read
Sunset of SSL Extended
If you’ve been struggling with keeping up with various SSL vulnerabilities and planning an orderly cutover to TLS then the recent announcement by the...
3 min read
Must Format Preserving Encryption (FPE) be distinguishable from cardholder data for PCI?
Previously we looked at Format Preserving Encryption (FPE) its characteristics and suitability for application in solutions intended for PCI DSS. To...