PCI Requirement 3.1 – Keep Cardholder Data Storage to a Minimum

by Randy Bartels / December 22, 2022

PCI Requirement 3.1 requires organizations to securely delete data that is not required to be retained for business or legal requirements. Why is complying with PCI Requirement 3.1 important? So that cardholder data cannot be recreated by malicious individuals. PCI Requirement 3.1 states that organizations should, “Keep cardholder data storage to a minimum by implementing data retention and disposal policies, procedures, and processes…” PCI Requirement 3.1 aligns with the methodology…

Breachmania: Top Data Breaches in 2017

by Sarah Harvey / December 19, 2022

Halfway through the year 2017, we find ourselves reading a similar headline in the news every day, "XYZ Company Has Announced 100 Million Customer Records Exposed in Data Breach." As we skim the articles, we breathe a brief sigh of relief that it isn’t our company in the headline, knowing that we could be next. According to a 2017 Ponemon Institute Report, the average total cost of a data breach…

Shark in Water: 5 Things to Avoid a Costly Data Breach

by Sarah Harvey / June 13, 2023

Is your organization swimming in information security concerns? Recent and startling new malicious attacks are causing organizations to re-think everything we know about our security posture – from breach prevention to response. Organizations are beginning to shift their focus to security as they realize that sometimes compliance isn’t enough. With this “shark in water” reality, here are 5 things your organization should be doing to avoid a data breach.…

Cyber Insurance – What Is It and What is Covered Under a Cyber Insurance Policy?

by Benjamin Wright / December 19, 2022

Cyber insurance – a hot topic in the law of data security. Many insurance companies have started issuing policies for cyber incidents and cyber breaches, but what should be covered under a cyber insurance policy? Since there is no standard policy for cyber insurance, you are likely to find vastly different policies from a number of different insurance companies. Enterprises looking to use insurance to manage information security risk…

Guide to PCI Compliance – Navigating PCI DSS v3.2

by KirkpatrickPrice / April 12, 2023

What is the PCI DSS? The PCI Security Standards Council was jointly developed by the payment card brands to encourage and enhance cardholder data security and facilitate the broad adoption of consistent data security measures globally. It ensures that all data that lives within the Cardholder Data Environment (CDE) is protected and secured from theft or unauthorized use. Any merchant, service provider, or sub-service provider who stores, processes, or transmits…