Finally! A Framework You Can Use to Implement a World Class Continuous PCI Compliance Program
According to the 2022 Verizon Payment Security Report, "full or continuous compliance still seems out of reach for 56.4% of the organizations analyzed."
Stop Struggling With PCI DSS Compliance
If the 56.4% of organizations that can’t sustain PCI Compliance understood how to implement Continuous PCI Compliance, perhaps we’d see better results.
I’ll be the first to admit that continuous PCI Compliance was beyond my grasp when I started my PCI journey in 2012. I was doing my best not to drown in a sea of confusion and chaos.
If something like our newest course existed a decade ago, I would have been all over this.
At the very least, it would have given me a starting point, a structure, from which to create and implement a World Class Continuous PCI Compliance program.
No one teaches organizations how to implement a PCI DSS Compliance program, let alone a continuous program.
Until now.
While Continuous PCI Compliance has been at the core of PCI DSS since it began in 2006, it’s even more so with the publication of PCI DSS v4.0.
On July 26, 2023, we launched our newest course, Implement Continuous PCI Compliance With a Sustainability Framework That REALLY Works.
Maintaining PCI DSS Compliance is a multi-team effort. And it starts with knowing what’s in scope for assessment. Your network and cardholder data flow diagrams are the heart and soul of your continuous PCI DSS Compliance program.
I remember when I was working as an IT Security Project Manager responsible for the implementation of 10 different security projects for the new cardholder data at a Fortune 100 Company. They had a job posting for a PCI Compliance Program Manager and I thought, why not?
The job description looked easy enough. In fact, I flipped my resume over on a whim during lunch on a Friday. Got called by the internal recruiter within 20 minutes and was interviewed on Monday and hired by Wednesday.
I had no idea what was really in store for me. Nobody did.
Because nobody I interviewed with understood HOW to run a successful PCI DSS Compliance program for a level 1 merchant.