-
Steven Sletten
Blog
PCI DSS Compliance - Meeting the Third-Party Vendor Requirements
By Tripwire Guest Authors on Tue, 02/20/2024
Image
Today, almost every organization is engaged with a third-party vendor at some level when offering products or services. Take, for instance, an e-commerce business that may not be able to function properly unless multiple third-party integrations are involved, such as CRMs, payment gateways, live chat APIs, or a shipping gateway,...
Blog
Managing Financial Crime Risks in Digital Payments
By Chester Avey on Thu, 02/01/2024
Image
The emergence of innovative Financial Technology (FinTech) has spearheaded rapid growth in the digital payments sector. In recent years, global payment revenues exceeded valuations of $2.2 trillion, with a steady Compound Annual Growth Rate (CAGR) expected in the next five years.
There is no denying the convenience benefits...
Blog
How Does PCI DSS 4.0 Affect Web Application Firewalls?
By Josh Davies on Mon, 01/08/2024
Image
The payment industry is bracing for the transition to Payment Card Industry Data Security Standard (PCI DSS) 4.0, heralding significant changes in cybersecurity practices. As we approach the implementation of this revised standard, a critical focal point emerges: the role and new mandate of web application firewalls (WAFs) in...
On-Demand Webinar
Best Practices for the PCI DSS 4.0 Countdown
Wed, 09/27/2023
The deadline for compliance with the Payment Card Industry Data Security Standard (PCI DSS) 4.0 requirements isn’t until March 31, 2024, but organizations that allow those remaining months to fly by without adequate preparation may face last-minute PCI panic. The best approach is to steadily reach key milestones so you’ll be fully prepared when the deadline arrives.
Watch the...
On-Demand Webinar
Expert Compliance Automation Tips for Financial Services
Thu, 08/17/2023
Cybersecurity compliance standards like the Payment Card Industry Data Security Standard (PCI DSS) and Society for Worldwide Interbank Financial Telecommunications (SWIFT) do an excellent job of hardening systems against breaches. This is especially important in the financial services sector, a common target for cybercriminals. This on-demand webinar presented by Senior...
On-Demand Webinar
Insights for Navigating PCI-DSS 4.0 Milestones
With the PCI-DSS 4.0 implementation deadline looming just around the corner in 2024, financial companies have no time to waste when it comes to reaching key compliance milestones. Watch this on-demand webinar presented by Fortra’s Tripwire and BankInfoSecurity.com designed to help you get—and stay—on track for PCI 4.0 compliance.
Hear from industry experts on preparing for PCI...
Blog
Integrity Monitoring Use Cases: Compliance
By David Bruce on Wed, 10/19/2022
Image
What is File Integrity Monitoring?
The IT ecosystems of enterprises are highly dynamic. Typically, organizations react to this volatility by investing in asset discovery and Security Configuration Management (SCM). These core controls enable businesses to compile an inventory of authorized devices and monitor the configurations...
Blog
Defense and Development: Key points from The Complete Guide to Application Security for PCI-DSS
By Tripwire Guest Authors on Wed, 08/31/2022
Image
The increasing popularity of online payment systems results from the world’s gradual transition to a cashless and contactless digital economy — an economy, projected in a recent Huawei white paper, to be worth $23 trillion by 2025. With digital commerce emerging as the largest segment in the projected $8.49 trillion global...
Blog
A 5 Step Checklist for Complying with PCI DSS 4.0
By Tripwire Guest Authors on Mon, 08/15/2022
Image
In March 2022, the Payment Card Industry Data Security Standard (PCI DSS) was updated with a number of new and modified requirements. Since their last update in 2018, there has been a rapid increase in the use of cloud technologies, contactless payments have become the norm, and the COVID-19 pandemic spurred a massive growth in...
Datasheet
Tripwire ExpertOps and PCI
The Payment Card Industry Data Security Standard (PCI DSS) was created to help organizations that process credit card payments, secure the cardholder environment to prevent credit card fraud, cyber threats and other security vulnerabilities. The latest version, 4.0, provides specific security guidance on handling, processing, transmitting and storing credit card data to...
Datasheet
Tripwire Resident Engineers
The cybersecurity skills gap can leave many organizations without adequate staffing for the operation of their security tools. High turnover rates can also cause an organization to lose essential knowledge when team members leave who were familiar with the tools. To complicate matters further, the pandemic is driving the need for temporary cybersecurity support as agencies...
Datasheet
Tripwire’s Solutions for Automated, Continuous PCI Compliance
The Payment Card Industry Data Security Standard (PCI DSS) was created to help organizations that process credit card payments secure the cardholder environment to prevent credit card fraud, cyber threats, and other security vulnerabilities. The latest version, 4.0, provides specific security guidance on handling, processing, transmitting, and storing credit card data to...
Blog
PCI 4.0: The wider meanings of the new Standard
By David Bruce on Wed, 07/06/2022
Image
The new PCI DSS Standard, version 4.0, contains all the steps, best practices, and explanations required for full compliance. In fact, even an organization that does not process cardholder data could follow the PCI Standard to implement a robust cybersecurity program for any of its important data.
In our series about how the...
Blog
What you need to know about PCI 4.0: Requirements 10, 11 and 12
By David Bruce on Wed, 06/29/2022
Image
As we continue our review of the 12 Requirements of PCI DSS version 4.0, one has to stop and consider, is it possible to have a favorite section of a standard? After all, most guidance documents, as well as regulations are seen as tedious distractions from the importance of getting the job done. However, depending on a person’s...
Blog
What you need to know about PCI 4.0: Requirements 5, 6, 7, 8 and 9
By David Bruce on Wed, 06/22/2022
Image
In Part 1 of this series, we reviewed the first four sections of the new PCI standards. As we continue our examination of PCI DSS version 4.0, we will consider what organizations will need to do in order to successfully transition and satisfy this update.
Requirements 5 through 9 are organized under two categories:
Maintain a...
Blog
What you need to know about PCI 4.0: Requirements 1, 2, 3 and 4.
By David Bruce on Tue, 06/14/2022
Image
The Payment Card Industry Security Standards Council has released its first update to their Data Security Standard (PCI DSS) since 2018. The new standard, version 4.0, is set to generally go into effect by 2024, but there are suggested updates that are not going to be required until a year after that. This, of course, creates...
Blog
PCI DSS 4.0 and ISO 27001 – the dynamic duo
By Tripwire Guest Authors on Wed, 04/27/2022
Image
It’s not often we can say this, but 2022 is shaping up to be an exciting time in information governance, especially for those interested in compliance and compliance frameworks.
We started the year in eager anticipation of the new version of the international standard for information security management systems, ISO 27001:2022,...
Blog
PCI DSS 4.0 is Here: What you Need to Consider
By David Bruce on Tue, 04/26/2022
Image
The Payment Card Industry Data Security Standard (PCI DSS) is a benchmark with tenure in the industry, with the first version being introduced in 2004. The PCI DSS was unique when it was introduced because of its prescriptive nature and its focus on protecting cardholder data. Cybersecurity is a changing landscape, and...
Blog
How Achieving Compliance with PCI DSS Can Help Meet GDPR Mandates
By Tripwire Guest Authors on Sun, 11/14/2021
Image
Data security and privacy are today a prime focus for most organizations globally. While there have been several regulations and standards introduced to improve data security, the evolving landscape makes it challenging for organizations to stay compliant. For many organizations, GDPR and PCI DSS are the first topics that come...