
Fintech industry developments, differences between Europe and the US

“Put your money in the bank and you can watch it grow.” If there is a statement that shows us how much the financial world has changed it’s this one. With the introduction of negative interest, companies and consumers with a large amount of liquid assets are looking for a different way to handle those assets. This is where the innovative fintech industry comes into play. What is … [Read more...]

A guide to the 4 PCI DSS compliance levels

The PCI DSS (Payment Card Industry Data Security Standard) contains a set of requirements to help organisations prevent payment card fraud. But did you know that the same requirements don’t apply universally? In fact, there are four PCI compliance levels, which are determined by the number of transactions the organisation handles each year. Level 1: Merchants that process over 6 million card … [Read more...]

IT Governance certified training now available in Amsterdam

IT Governance Europe is delighted to announce the launch of our latest classroom training courses in Amsterdam.   Starting in 2020, they offer attendees a structured learning path from foundation to advanced level, and enable IT, privacy and security practitioners to develop the skills needed to deliver best practice and compliance in organisations of all sizes.   Continual professional … [Read more...]

Why Retailers Are Soft Targets to Hackers (And What to Do About It)

Time and time again, retailers prove to be a popular (and easy) target for hackers. The tangible and intangible costs for an e-commerce site that’s been breached can escalate quickly. In this post, we'll explore the issue, and outline some solutions.  … [Read more...]

A concise guide to PCI DSS v3.2.1

All target dates for compliance with the PCI DSS have long since passed. The Standard is now on its third version, with the fourth in development with a predicted release date of Q4 2020. It is likely that v3.2.1 will be withdrawn around the end of 2021. Many organisations around the world – particularly those that fall below the top tier of payment card transaction volumes – are not yet … [Read more...]

Demonstrate your PCI DSS compliance by completing an SAQ

Organisations that accept card payments are responsible for the security of customers’ payment information and must comply with the PCI DSS (Payment Card Industry Data Security Standard).  Compliance will be a lengthy process for some, but organisations that handle fewer than six million transactions annually can speed up the process by completing an SAQ (self-assessment questionnaire).  There … [Read more...]

A compliance checklist for the 12 requirements of the PCI DSS

Any organisation that stores, processes or transmits payment card data must comply with the PCI DSS (Payment Card Industry Data Security Standard).  The Standard contains 12 requirements, which we’ll run through in this blog along with an overview of the steps you should complete to meet each one.   1. Install and maintain a firewall configuration to protect cardholder data Firewalls control … [Read more...]

How safe is it to take card payments over the phone?

Most of us are so comfortable making payments over the Internet that we barely think twice about the security implications. But the same can’t be said of transactions made over the phone.  Why is that? They’re both card-not-present payments, and you’re essentially doing the same thing: providing your card details to an organisation.  The only difference is that, over the telephone, you speak to … [Read more...]

How Ireland’s Credit Unions can meet their penetration testing requirements

Credit unions in Ireland are required to conduct a penetration test once a year, and send the results to the Central Bank of Ireland for review.  According to a report published by the Bank last year, credit unions are getting better at doing this. But for those that are still unsure how to complete this process or simply want to get better at it, this blog explains everything you need to know … [Read more...]

What do SMEs need to do to comply with the PCI DSS?

Organisations that accept card payments are responsible for the security of customers’ payment information and must comply with the PCI DSS (Payment Card Industry Data Security Standard). The PCI DSS is a set of tools and measures to help you protect payment card data. It applies to all organisations that transmit, process or store such information, but SMEs (small and medium-sized organisations) … [Read more...]