Business IT teams will almost certainly be aware of the importance of finding security vulnerabilities within the company’s
PCI DSS
Social Engineering Testing and PCI
The term social engineering refers to the practice of attempting to compromise a system through the manipulation of those who
PCI Segmentation Checks – What’s Required
PCI DSS requires that network segmentation controls are penetration tested and that the methods used are operational
Application Penetration Testing for PCI
When considering application penetration testing for PCI, any software written by your organisation or written specifically for it,
PCI Penetration Testing – How to Define The Scope
Cardholder Data Environment
The PCI DSS defines the cardholder data environment (CDE) as follows:
PCI Penetration Testing Vs Vulnerability Scanning
If you take credit card payments, you may be aware that regular vulnerability scanning and penetration testing are
New CPMI report claims that restoring payment systems after disruptive cyber-attacks could involve compromising analysis of incidents
In the event of a cyber-attack what should be a business’ main priority? Should the enterprise prioritise restoring services or should it concentrate its efforts on reporting the cyber-breach? Well, that’s the dilemma faced by many businesses in the financial markets. But which priority should businesses concentrate their resources on? Well, according to a Committee …
Cyber criminals are targeting online transactions where the EMV standard still offers little protection, warns the head of PCI SSC
Are you satisfied that your business’ PCI data security standards pass muster? Are you confident that the security standards you have put in place are robust and secure? Well, you may just have to reassess your strategy as this confidence isn’t necessarily shared by the body which administers the industry’s data security standard, the Payment …
Nearly 100,000 travel insurance customers’ credit card details compromised in cyber-attack
2013 ended just as it had begun with yet another cyber-attack against a firm holding customer data. The personal and confidential information of thousands of Staysure customers was stolen by hackers. The cyber-attack saw the credit card details of nearly 100,000 travel insurance customers compromised. The travel insurance provider has revealed that card payment details …
What exactly are the requirements of Payment Card Industry Data Security Standards (PCI DSS)?
Most businesses will be aware of the vital importance of spotting security vulnerabilities within their network and applications, and many will also be aware that they will need to carry out a network penetration test to help them comply with the Payment Card Industry Data Security Standard (PCI DSS) requirements. Understandably, many SMBs will look to find the cheapest and quickest way to comply with the required standards. However, some businesses might be surprised to learn that the service they are paying for isn’t necessarily what they think it is. PCI DSS is explicit in its requirement that a penetration test has to be performed, but it is rather vague when it comes to explaining what methods need to be employed when performing testing.