Achieving PCI compliance is vital for all businesses that accept card payments, but what’s the best way to get started when you are trying to keep costs down in..
Businesses using Magento 1 have a decision to make before June. Here are the options and the Magento PCI compliance implications to be aware of. First released to the..
Katie McMillan stands out in the world of Information Security. Not only does she represent one of the growing number of women working in the sector, she also gained..
PCI DSS compliance is like car maintenance; to ensure your vehicle remains roadworthy throughout the year you need to practise an ongoing programme of routine repairs, regular servicing and..
5 signs you need a new QSA – Thursday 22nd November 3pm – 3.45pm (GMT) In this free live webinar Paul Brennecker and Laura Chatton will be discussing the..
PCI DSS compliance is no longer an annual project. New requirements this year are ensuring that businesses are monitoring their compliance on a continuous basis. So, is your QSA..
This article first appeared in the Q3 edition of Casino & Gaming International (CGi ) and appears here with their kind permission. As the implications of the General Data..
By Paul Brennecker, Principal Security Consultant and Lead QSA Paul Brennecker gave a presentation at PCI London on 5th July 2018 and this article first appeared in that event’s..
There is a curious irony that the enactment of the General Data Protection Regulation (GDPR), drawn up to protect the rights of individuals and their right to online privacy,..
by Tom Fairfax, Managing Director It is not often that EU-wide legislation is likened to a children’s story. Consider, however, the story of Goldilocks and the three bears. When..
For a long time the General Data Protection Regulation has been looming on the horizon but in just a few short days it will arrive; a permanent aspect of..
More than 40 organisations, including McMillan Cancer, the NSPCC, the RNLI and the Church of England, have introduced technology which means that donations can be made with a quick..
Delegates at the PCI SSC Europe Community Meeting in Barcelona this week will have a lot on their minds. Changes to compliance, the security of customer payment card data,..
James Hopper and Paul Brennecker of SRM will be attending the Europe Community Meeting in Barcelona 24th – 26th October. Organised by the Payment Card Industry Security Standards Council..
The summer months are traditionally a time when hard-working people take a break. Those left in the office can end up feeling over-stretched or less-motivated than normal. But it..
This month Visa has reported an increase in the number of network intrusions involving service providers. It also reports increases in re-breaches of merchant payment environments and skimming incidents..
Being known as the source of the largest data breach in history is probably not how Yahoo would like to be remembered. The reputations of eBay, Linkedin, MySpace, Talk..
The fact is that all too often the first someone knows that their system has been breached is when they receive a call from their acquiring bank. Someone has..
The Chancellor recently announced a £425 million government investment in the NHS over the next three years. While pundits speculate on what this will actually mean for our vital..
By Paul Brennecker, Senior Information Security Consultant & Principal QSA The Payment Card Industry Data Security Standard (PCI DSS) lists a number of myths relating to PCI compliance. One of..
As Britain navigates its way through the choppy waters of Brexit, there is a great deal of uncertainty about exactly what form our new relationship with Europe will take...
There is a new face at the forefront of investigating cybercrime in the UK. Newcastle-based Security Risk Management has achieved another success for its SRM Academy Programme. With over..
‘Do not wait until it’s too late – engage a PFI company now!’ That is the advice given by Jeremy King, International Director, PCI Security Standards Council in his closing..
The numbers on payment cards are going to become longer. This is because of changes which are being made to the international standard (ISO/IEC 7812) under which Issuer Identification..
Information security breaches can and do happen, even to the best prepared organisations. Every year, companies that have demonstrated ongoing PCI DSS compliance will still fall victim to an..
There are a lot of online registers for reputable tradesmen. Many of these provide contact details for reliable plumbers in any given area, together with ratings and personal recommendations...
“The single biggest problem in communication is the illusion that it has taken place.” said George Bernard Shaw. This can be true in so many aspects of life and unfortunately,..
Newcastle-based Security Risk management (SRM) Ltd is addressing the national shortage of top level qualified cyber security consultants by employing individuals with potential and then providing training in house...
Maintaining Compliance with any Information Security Standard is often a long and winding journey. You never quite know what is over the horizon or around the bend, so what..
The eagerly anticipated update to the global Payment Card Industry Data Security Standard (PCI DSS) has been released today, Thursday April 28th 2016. This update to the standard has..
With the PCI Council set to release version 3.2 of the PCI DSS imminently, the subject of migration away from weak session encryption protocols is becoming a hot topic...
By Paul Brennecker, Principal QSA, PCI PFI, PCIP The countdown to European-wide data protection is on. But while some businesses will be anxious about how to ensure compliance with..