San Francisco, CA, USA
Jul 18, 2019 | By Ben Lack
Compliance with the Payment Card Industry Data Security Standard (PCI DSS) is not easy to achieve. Quite the opposite, in fact: A 2017 Verizon report stated that 80 percent of companies fail their PCI DSS assessments, and only 29 percent of those that pass are still compliant after one year. PCI DSS compliance, like information security as a whole, is not a one-and-done process but ongoing. To succeed, your enterprise must be vigilant.
Jul 16, 2019 | By Ben Lack
While every merchant and service provider that processes, stores, or transmits credit card data must comply with the Payment Card Industry Data Security Standard (PCI DSS), not all must travel the same path to PCI compliance. The amount of risk an organization faces depends on a variety of factors. Recognizing these differences, the PCI Security Standards Council developed four compliance levels for merchants and two for service providers.
Jul 11, 2019 | By Alan Gouveia
A PCI audit examines the security of your organization’s credit-card processing system from beginning to end. During this process, a Qualified Security Assessor (QSA) or your own Internal Security Assessor will determine the effectiveness of your organization’s information security controls.
Jul 8, 2019 | By Alan Gouveia
Compliance with the Payment Card Industry Data Security Standard (PCI DSS) and its 281 directives can be a time-consuming hassle. Fortunately, there are ways to minimize your PCI DSS scope, saving time and resources for your organization and auditor, and ratcheting down your stress levels. Larger organizations—those processing more than 1 million credit-card transactions annually—may need two years to reach initial PCI DSS compliance.
Jun 13, 2019 | By Ben Lack
The era of Big Data is here. Information now exceeds fantastic proportions, globally measured in zettabytes (each zettabyte is a billion terabytes) and growing at an exponential rate that defies comprehension. According to IDC, global data is expected to grow from 23 zettabytes (ZB) in 2017 to 175 ZB by 2025.
Jan 29, 2019 | By Reciprocity Labs
Get best practices for purchasing and implementing a GRC software tool and get tips on how to leverage your tool for ongoing success.
Jan 29, 2019 | By Reciprocity Labs
In an increasingly litigious society, you need technology that allows you to create business strategies based on these risks so that you protect your organization from the mistakes others make.
Jan 1, 2019 | By Reciprocity Labs
This paper explores several dimensions of Vendor Risk Management. First, why are vendor risks proliferating—why now, and where do they come from? Second, what steps are necessary to manage vendor risks? And third, how can CISOs and compliance officers implement those steps in a practical way, so you don’t spend all your time chasing vendors with risk management protocols?
Dec 1, 2018 | By Reciprocity Labs
When companies first determine they need a formal compliance program, many are unclear if they need a compliance tool to manage it. Many companies turn to Microsoft Excel as the compliance tool of choice when first undertaking a GRC program. This eBook covers where Excel makes sense and how to know when your program has outgrown Excel.
Jul 28, 2016 | By Reciprocity
While Microsoft Excel is flexible and powerful, it’s not designed to track compliance initiatives. Some companies can get away with using an Excel spreadsheet for simple compliance requirements. However, as your organization matures, the need for compliance software will quickly grow.