Your overarching security program needs to be dynamic and responsive to the ever-changing threat landscape. As we’ve seen with the recent ransomware attacks, no amount of diligence from a software or hardware perspective can help with the exposure from lack of employee training or awareness as it relates to these...
Why does the Sephora data privacy fine matter for large merchants, and what is the Global Privacy Control (GPC)?
The Sephora decision signals that California is serious about enforcing data privacy legislation. The Sephora ruling was, more broadly, a warning shot for companies. It was the first action taken by an Attorney General to levy a fine against any company for failure to comply with CCP
10 Tips for Operationalizing Data Privacy
The road to finding the right vendor for your organization can often be a long one. You must define your needs, secure budget, conduct countless fact-finding calls, negotiate a contract, and then go live. This process takes time!
PCI DSS 4.0 looms large
Merchants need to immediately start understanding what additional budget they are planning to allocate to tackle the increased time and costs necessary to maintain PCI compliance. Even working to find and procure the services of an approved scanning vendor will take time and internal resources.
Easing the Burden of Data Privacy Compliance
Many organizations lack enough awareness of the data they collect to effectively tackle consumer privacy. In some cases, a data mapping exercise coupled with a third-party vendor assessment can be enough to uncover the detail needed to map the flow of consumer data into and out of a business. In...
Leaping from Level 2 to Level 1 PCI Merchant Status? Here’s how we can help.
For many merchants, PCI Compliance and related activities are a necessary annual pursuit that require additional work for resource strapped internal business units. The looming complexities of PCI DSS 4.0, combined with transitioning to a Level 1 merchant, will likely leave many organizations in the lurch as they determine how...
PAX POS Security and what it means to your organization
Security attacks should be mentioned in the same breath for predictability as death and taxes, and increasingly an organization’s security resources are too strapped for time to operate, complete project work, and continue to adapt and tune their security approach. Third parties who can evaluate your current security environment and provide critical, unbiased feedback with a plan for continued improvement are more...
Outdoor EMV helped defray fraud, but what about improving security and protecting cardholder data for petroleum marketers?
For petroleum marketers, now on the other side of Outdoor EMV implementation, payments at the pump seem more secure and less prone to fraud. This view is only somewhat true, however: Committing fraud by way of stolen card is now more difficult, but sensitive payment data is both more vulnerable...
How does your organization implement and operate its Security Environment?
Security breaches, threats and attacks remain in the news on nearly a daily basis- most recently, the ransomware attack on the Colonial Pipeline company made headlines due to its massive impact on the fuel supply chain. Nick Stavropoulos, Director of Security at W. Capra stressed, “Implementing and operating your security...
Are you protected from ransomware?
When considering security protection and prevention measures, if the goal is to not become the next headline, the time to start working on your approach is today. This isn’t something that should be planned and budgeted for 2022.
What’s Coming in PCI DSS 4.0 and How Should You Prepare?
Merchants can expect significant changes forthcoming in PCI 4.0 for the standard to match the current state of our payments ecosystem.
Simple Security Tips for Consumers
We see a steady stream of news stories about data breaches that result in damage to company reputations, impact to share valuation, cost to implement new security measures and in many cases fines and/or penalties to cover the cost of associated fraud. In the payments and security world, we tend...
