The bad guys don’t care what—or how much of it—you sell online. Today’s e-commerce businesses are in hackers’ cross hairs for many reasons, not the least of which is their ease of access. With the Internet as their gateway, every single e-commerce business is an … Read more
The story behind the DBD. Each spring, the information security community looks forward to the release of the latest Verizon Data Breach Investigation Report (DBIR). This year we have some advanced data breach info as we await the DBIR: The Verizon 2017 Data Breach Digest … Read more
If you missed the QIR deadline, you need to act fast. At last month’s Northeast Acquirers Association (NEAA) Conference, I joined the Legislative Panel to speak on the subject of the Visa Qualified Integrators & Resellers (QIR) program. My talking points were timely, given the … Read more
The time to understand third-party breach risk is now. Back in May, we took an in-depth look at the PCI 3.2 SAQs. We noted that the PCI Security Standards Council (SSC) is responding to the recent data breaches involving third-party service providers by significantly enhancing … Read more
New Small-Business Cybersecurity Tools for Acquirers Today the PCI Security Standards Council (SSC) announced a significant advancement in its efforts to foster small-business cybersecurity: A set of payment protection resources that acquirers can use to educate and empower the small merchants they serve to fight … Read more
Today’s PCI DSS: What’s Changed and What Hasn’t? This September, the PCI Security Standards Council will mark its 10-year anniversary. Do you know exactly what you were doing 10 years ago? Can we agree that the past 10 years seemed to go very quickly? At … Read more