Blog

How I Retained My QSA Certification

In 2019, the Payment Card Industry (PCI) Security Standards Council (SSC) modified the Qualification Requirements for Qualified Security Assessor (QSA) employees. Prior to the modification, the requirements stipulated that QSA employees must hold either an Information Security certification or an audit certification, but now QSA employees must have a minimum of two (2) industry certifications:...

20 Tips for Certification Success

Over the years, it has been my experience that industry certifications have become standard for job consideration and/or advancement for many technical positions. This is, of course, in addition to having experience in the particular field. I obtained my first (modern-day) technical certification in 2014. It was the System Security Certified Practitioner (SSCP) offered by...

Payment Card Industry (PCI) – Recurring Requirements Require Attention!

There are certain items contained within the 12 PCI requirements that have to be performed based on defined frequencies. In my experience, companies sometimes struggle with adhering to some if not all of these items. There are a number of reasons that this might happen, whether it’s related to employee turnover, unfamiliarity with the items,...

PCI Requirements 101

Having completed several PCI-DSS (Payment Card Industry – Data Security Standard) Reports on Compliance (RoCs) over the past couple of years, I have noticed a consistent pattern on the items needed for the 12 requirements. I have found that there are three basic components to most if not all PCI requirements: Documentation (Policies, Standards, and...

How to Reduce PCI Compliance Anxiety

What type of emotions are created in you when you hear the term ‘PCI?’ Anxiety? Possibly fear? For some, it may be disgust. Most favorably, some may feel a sense confidence or enthusiasm. Ok, I agree that enthusiasm is rarely listed as an emotion felt when hearing the term ‘PCI,’ although there may be someone...

GDPR (General Data Protection Regulation) – FAQ

My goodness! D-Day, May 25 is right around the corner! GDPR is thought by many to be the regulation of regulations approved in 2016 and scheduled to be enforced by May 25, 2018.  Many customers are still asking, What is GDPR? At a very basic level, GDPR is the General Data Protection Regulation developed to...