Why Penetration Tests are Critical for Accurately Assessing Security Risk

October 10, 2017 • Published Categories Best PracticesTags ,
Penetration tests look for vulnerabilities within various endpoints

How do you conduct your IT risk assessments? In a recent ControlScan customer survey, we asked IT leaders about risk assessments. Specifically, we wanted to know how often businesses are conducting them, as well as if they are doing so formally by using an external … Read more

PCI Risk Brings New PCI Service Provider Requirements Impacting ISOs

September 14, 2017 • Published Categories Industry TopicsTags ,

Independent Sales Organizations (ISOs) have risky business to attend to. In the payments ecosystem, ISO businesses have a lot going for them. The recurring revenue model for ISOs is alive and well, and many have found success by specializing in specific market niches. Sure, being … Read more

How Website Security Gets Breached: 3 Common Errors and 3 Basic Fixes

June 7, 2017 • Published Categories PCI 101Tags , ,
Website security: 3 common errors, 3 basic fixes

The bad guys don’t care what—or how much of it—you sell online. Today’s e-commerce businesses are in hackers’ cross hairs for many reasons, not the least of which is their ease of access. With the Internet as their gateway, every single e-commerce business is an … Read more

PCI Learnings from the Verizon 2017 Data Breach Digest

April 12, 2017 • Published Categories Best PracticesTags , , ,
PCI Learning from the Verizon 2017 Data Breach Digest

The story behind the DBD. Each spring, the information security community looks forward to the release of the latest Verizon Data Breach Investigation Report (DBIR). This year we have some advanced data breach info as we await the DBIR: The Verizon 2017 Data Breach Digest … Read more

For Acquirers, the Visa QIR Deadline Has Come and Gone.

March 3, 2017 • Published Categories Acquirer ProgramsTags , , ,
Did you miss the Visa QIR deadline?

If you missed the QIR deadline, you need to act fast. At last month’s Northeast Acquirers Association (NEAA) Conference, I joined the Legislative Panel to speak on the subject of the Visa Qualified Integrators & Resellers (QIR) program. My talking points were timely, given the … Read more