26 February

10 Critical Responsibilities of a PCI ISA

Peggy NolanContinuous PCI Compliance Program, PCI Report on ComplianceNo Comments

I remember when I was working as an IT Security Project Manager responsible for the implementation of 10 different security projects for the new. cardholder data at a Fortune 100 Company. They had a job posting for a PCI Compliance Program Manager and I thought, why not?

The job description looked easy enough. In fact, I flipped my resume over on a whim during lunch on a Friday. Got called by the internal recruiter within 20 minutes and was interviewed on Monday and hired by Wednesday.

I had no idea what was really in store for me. Nobody did.

Because nobody I interviewed with understood HOW to run a successful PCI DSS Compliance program for a level 1 merchant.

Read More
Simple steps to secure payments
8 October

Protecting Your Small Business: Simple Steps to Secure Payments and Meet Industry Standards

Peggy NolanPCI DSS Compliance for Small BusinessesNo Comments

Elizabeth Terry’s blog post emphasizes the importance of cybersecurity for small businesses. She argues that small businesses, often lacking robust defenses, are appealing targets for cybercriminals. Terry advises securing customer payment information by following PCI DSS guidelines, updating payment systems, and educating staff on cyber threats. Implementing these steps builds trust and safeguards business operations.

Read More
PCI DSS COMPLIANCE REQUIRES EVIDENCE
31 July

Embrace the Suck: PCI DSS Compliance Requires Evidence

Peggy NolanPCI DSS v4.0No Comments

As the saying goes,“the proof is in the pudding”

Or in this case, the proof is in your policies, standards, processes, procedures, configuration settings, access control lists, network diagrams, interviews and so much more.

Yes, PCI DSS Compliance is hard.

And it most certainly is a pain in the a$$ to do day in and day out.

Trust me, I’ve been there.

I know what you’re going through.

Keep Reading!

Read More
document nation need for pci compliance 2
6 June

Documentation Can Make Or Break Your PCI DSS Compliance Program

Peggy NolanContinuous PCI Compliance Program3 Comments

Why Do I Need So Much Documentation for PCI DSS Compliance?

I can hear you roll your eyes but I’m glad you asked that question.

As a former senior IT security director once told me, “PCI compliance is an exercise in killing trees.”

I get it. Most people would rather have a root canal than document critical PCI Compliance processes.

Keep reading!

Read More
1 2 3 6