PCI Compliance in the Cloud
How should an organization approach PCI compliance in the cloud? We’ll answer this question and address key concepts for implementing and maintaining cloud environments that live up to the PCI [...]
What is PCI’s perspective on Business Continuity? Here is an overview on Business Continuity as described through the lens of the PCI DSS v3.2.1. Business Continuity is tied to Incident [...]
How should a company think about PCI Scope and Segmentation? For companies looking to identify and reduce the scope of their PCI environment, through network segmentation, it is necessary to [...]
Maintain Compliance From our experience working with high-growth technology companies subject to a myriad of compliance obligations, maintaining security and privacy compliance initiatives throughout the year is a prominent challenge [...]
How can you ensure success for your company’s SOC 2 initiative? Here are 5 Steps to SOC 2 success – best practices and lessons learned from the field! I have [...]
Check out our webinar from Christian White and Christian Hyatt in which they cover the basics of SOC 2 reporting, what to expect during a SOC 2 audit, and why [...]
Are Pen Test and Vulnerability Scans Required for a SOC 2 Report? There has been much confusion lately in the SOC 2 market as companies seek to understand the need-to-haves vs. the nice-to-haves when it comes to obtaining a SOC 2 report. Much of this confusion was brought about by the December 2018 upgrade of the Trust Services Criteria, and associated Points of Focus, intended to align SOC 2 with the 2013 COSO framework.
Overview of the SOC for Cybersecurity In 2017 the AICPA published guidance on a new cyber security risk management examination, System and Organization Controls for Cyber Security (SOC for Cybersecurity). [...]