Blog

  • Who Must Comply with PCI standards?

    Staying on top of the latest rules and regulations as a business owner is of paramount importance to the long-term viability of your organization. You know it is, yet you become a deer in the headlights when tasked with being compliant when accepting credit card transactions. Where do you start? Do you really need to be compliant? What happens if you're not compliant? Thankfully, this article is your one-stop shop for the answers to these questions and a myriad of others you may have regarding PCI (Payment Card Industry) DSS (Data Security Standard) compliance. Dive into the topic in greater detail with this guide, which investigates current and future PCI DSS cardholder regulations and requirements, who they apply to, and what you can do to keep your clients' cardholder data safe from the constant threat of data breaches.

  • GDPR Compliance – An essential guide to personal data security

    In this age of digital transformation, the upcoming EU General Data Protection Regulation (GDPR) sets a new bar for privacy rights, security, and compliance.

  • SamSam shows up again with a ransom note

    Last week, the Colorado Department of Transportation was hit with the SamSam ransomware, forcing it to shut down 2000 computers across its system. Believed to be a new variant of the previous SamSam ransomware, according to Talos Intelligence at Cisco, this ransomware has been observed across multiple industries including Government, Healthcare and ICS. These attacks do not appear to be highly targeted, and appear to be more opportunistic in nature. As we all know, ransomware like this can cripple critical systems, such as those in healthcare services, impacting patients across the world.

  • International Bank Cyber Heist via SWIFT…again…

    India's City Union Bank, a small private lender, said on Feb 18, 2018 that cyber criminals had hacked its systems and transferred nearly $2 million through three unauthorized remittances to lenders overseas via the SWIFT financial platform. Chief Executive Officer N. Kamakodi called it a conspiracy involving multiple countries, and added the lender was still investigating how it had happened. The bank had discovered the three fraudulent remittances, which were sent via correspondent banks to accounts in Dubai, Turkey and China.

  • Cyber attacks at the 2018 PyeongChang Winter Olympics

    A cyberattack paralyzed internet networks at the opening ceremony of the 2018 Pyeongchang Winter Olympics. Several U.S. cybersecurity firms have uncovered a computer virus named Olympic Destroyer that was likely used in an attack.

  • PIN on Glass – Intro, Benefits, Obstacles

    What is PIN on Glass – Background & PCI regulations

    The PCI Security Standards Council (PCI SSC) recently announced a new security standard for consumer PIN entry on commercial off-the-shelf (COTS) devices. The new Software-based PIN Entry (SPoC) Standard provides a software-based approach (vs. entering a PIN on a hardware keypad) for securing PIN data entry on the diverse array of touchscreen COTS devices in the market today, such as smartphones or tablets.

  • Blockchain and You – A primer on the underlying technology that makes Bitcoin possible

    Intro

    Given the media attention on Bitcoin's daily value gyrations, it's easy to be distracted from the technology that makes the cryptocurrency (and its ilk) possible. Today's blog isn't to debate the true value or future of Bitcoin, but rather to examine Blockchain, the protocol that enables Bitcoin's currency sovereignty, along with a host of other possible applications.

  • Meltdown & Spectre Follow Up – Specific PCI DSS Action Items

    Following up on our recent alert regarding the Meltdown and Spectre security flaws, RSI now provides subsequent information and recommendations to our clients and all organizations needing to adhere to PCI compliance requirements.

  • RSI Alert: Meltdown & Spectre CPU Security Flaws

    Bottom Line:

    Researchers recently discovered two design flaws in nearly all CPUs manufactured by Intel, AMD, and ARM since 1995 that bypass system protections and potentially allow attackers to steal sensitive information from the memory of running applications. Sensitive data such as passwords, browser cookies, emails, photos, documents, etc. contained in devices (PCs, servers, iPhones, iPads) that use those CPUs are all potentially at risk.

  • PCI Requirement Changes in 2018

    Happy New Year!

    As we kick off 2018, there are a few significant PCI requirement changes to be aware of in the new year, particularly on these two dates: Feb 1 and June 30.

    Source: PCI DSS v3.2
