Having performed numerous Reports on Compliance (ROC) for corporations and assisted a myriad of clients with their Self Assessment Questionnaire (SAQ), one thing is apparent to us: companies large and small are having difficulty determining PCI scope for their environment. This can have a profound impact on your compliance. Having the wrong scope can invalidate […]
Most have heard about the 2013 Target Data Breach. You know, the one that exposed the payment card data of over 40 million customers, resulted in the CEO resigning, and cost Target $252 million. Well did you know that the initial data breach leveraged credentials stolen from there Heating and Air Conditioning vendor? Of course there […]
On February 16th, 2017, the New York Department of Financial Services (NYDFS) released the NYDFS Cybersecurity Regulation (23 NYCRR 500). This regulation lays out a new set of cybersecurity requirements for all covered financial institutions. With this enactment, NY became the first state to implement comprehensive cybersecurity regulations. Our hope is that other states will […]
