Third-Party Vendor Security and PCI DSS 

pci dss featured

We’ve regularly written about maintaining security and compliance with third-party vendors. While vendors and managed service providers are a crucial part of digital economies, it’s up to the client businesses to ensure they work with vendors that meet their needs. 

Following previous discussions of third-party vendor security under standards like SOC 2 and HIPAA, we’re now covering best practices for vendor management under PCI DSS 4.0.

Read More

Introduction to Targeted Risk Analysis (TRA) in PCI DSS 4.0

PCI DSS TRA featured

The Payment Card Industry Security Standards Council (PCI SSC) recently released a new document guiding targeted risk analysis. This approach to security is a cornerstone of the PCI DSS 4.0 update, and yet, for many businesses, this is something new that they may need help understanding. 

This article will discuss Targeted Risk Analysis, its role in PCI DSS 4.0, and how your organization can consider implementing these measures as part of their compliance efforts.

 

Read More