How to Build an Effective Security Awareness Training Program
One of the biggest risks to an organization’s information security is often not a weakness in the technology control environment. Rather it is the action or inaction by employees and
When Do You Need A PCI QSA Company?
The definition of who must have a formal assessment performed is determined by card brand entities such as Visa, MasterCard and American Express, and by the acquiring banks and processors
How businesses can calculate the cost of PCI DSS compliance
PCI compliance is a significant endeavor. It requires a substantial amount of time, money, and expertise to complete. To start with, companies must define the cardholder data environment (CDE) –
Effective Cyber Security Awareness Training for Employees in 2020
Cybersecurity is no longer a technical problem. It’s a people problem. And ensuring that people have the know-how to defend themselves and their organization against threats is a critical component
What is the real value of SOC 2 Compliance?
Major companies that outsource aspects of their data information operations can’t risk using vendors who don’t rigorously protect sensitive information. That’s why many organizations now demand that their vendors become
PCI DSS v4.0 – What you need to know now
Some clients are already asking what to expect when the next version of the Payment Card Industry Data Security Standard is released next year. That’s no surprise, since decisions that
