In this latest post of my Payment Card Industry Data Security Standard (PCI DSS) compliance blog series, we will explore Requirement 4 of the standard....

The end of 2017 is quickly approaching, and we thought we should remind you of the PCI requirement changes that are coming next year. Some of these....

In this latest post of my PCI compliance blog series, we will explore Requirement 5, which has four distinct requirements that imply they need to be....

When people think of PCI business as usual (BAU) they do not typically see the requirements in section 10 as having much of anything to do with BAU....

The most widely known requirements in PCI DSS 3.2 section 11 with a timing implication are the quarterly external and internal vulnerability scans (11....

The title of this post sounds daunting, does it not? However, achieving PCI compliance every day is not as daunting as you might think. With the....

Last Thursday, April 28, 2016 the PCI Security Standards Council (PCI SSC) released version 3.2 of the PCI Data Security Standard (PCI DSS). To save....

Requirement 6.2 of the PCI DSS (6.1 in v2) has always created a lot of consternation and discussion. For those of you that have forgotten, requirement....

No words or phrases in the PCI standards elicit more comments and questions than “significant change,” “periodic” and “periodically”. So what do these....