Category Archives: PCI DSS

The Demise of IS1 & 2 – Are Risk Assessments Really Worth the Effort?

HMG IA Standard Numbers 1 and 2 – Information Risk Management is no longer supported by CESG. The standard will still be available to those government organisations that are contractually obliged to follow it but where does that leave those looking for a best-practice risk assessment methodology to follow?

This blog explores some of the options and ponders whether a risk assessment is really needed.

Paddy Keating

Director and Government Service Manager at Ascentor

How To Achieve Security Standards Quickly And Save Money

Companies are able to make big savings when going for security standards compliance by changing the way they do business rather than remediating their existing systems.

Change the way you do business

Most companies don’t realise that compliance with standards such as PCI DSS, ISO 27001/2 or many of the other security standards that are increasingly required of companies does not necessarily mean complete disruption and painful remediation of existing business structures and systems. If approached in the right way, it is possible to make big savings by changing the way you do business rather than remediating your existing systems parrot-fashion when going for standards compliance.

Colin Dixon

Principal Consultant

PCI DSS and Corporate Governance Go Hand in Hand

This article looks at why PCI DSS cannot be divorced from the business, corporate governance and regulatory frameworks that already exist within an organisation, and the benefits of integrating it within a compliance framework.

PCI DSS often stands alone

PCI DSS is an important contractual issue for many organisations for whom payment cards are central to their business. It is often seen as a stand-alone compliance project, separate or different to other compliance areas that need to be serviced within the business. But dealing with PCI DSS separately or differently is often counterproductive.

Treating PCI DSS as stand-alone can:

Colin Dixon

Principal Consultant

What is PCI DSS?

The Payment Card Industry (PCI) Data Security Standard (DSS) is the worldwide benchmark that helps you safeguard your customers’ payment card data. As a merchant you are at the centre of payment card transactions. Compliance with PCI DSS will help to make you less vulnerable to payment card fraud, your customers less vulnerable to identity theft and build customer trust.

Dave James

Information Risk Management expert and Managing Director of Ascentor

PCI DSS: 5 Things To Do To Retain Compliance Each Year

It is tempting to think that once you have achieved PCI DSS compliance you can rest on your laurels. That’s it, finished isn’t it – nothing more to do until this time next year?

I know you have worked very hard on PCI, but I am going to disappoint you here. If you want to KEEP your PCI DSS compliance you have work to do throughout the year. Unless you keep your eye on the PCI ball you could end up with a very expensive compliance project each year. The key to ongoing PCI success is continuity. You’ve got to keep up all that good work.

5 ways to ensure consistent PCI DSS compliance

Dave James

Information Risk Management expert and Managing Director of Ascentor
