Christian White, Author at risk3sixty

About Christian White

Christian is a strategic business partner, helping High-Growth Technology Companies build, manage, and certify their Security, Privacy, and Compliance programs. Christian leads risk3sixty's Compliance Practice, overseeing SOC 2, PCI DSS, and HITRUST services.

PCI Compliance in the Cloud

How should an organization approach PCI compliance in the cloud?? We’ll answer this question and address key concepts for implementing and maintaining cloud environments that live up to the PCI [...]

By Christian White|2021-06-28T15:56:59+00:00June 28th, 2021|PCI DSS|0 Comments

Business Continuity | A PCI Perspective

What is PCI’s perspective on Business Continuity? Here is an overview on Business Continuity as described through the lens of the PCI DSS v3.2.1. Business Continuity is tied to Incident [...]

By Christian White|2021-05-26T13:44:34+00:00May 26th, 2021|PCI DSS|0 Comments

How to Scope & Segment Your PCI Environment

How should a company think about PCI Scope and Segmentation? For companies looking to identify and reduce the scope of their PCI environment, through network segmentation, it is necessary to [...]

By Christian White|2021-03-01T17:36:02+00:00March 1st, 2021|PCI DSS|0 Comments

Managing Ongoing PCI DSS Compliance

Maintain Compliance From our experience working with high-growth technology companies subject to a myriad of compliance obligations, maintaining security and privacy compliance initiatives throughout the year is a prominent challenge [...]

By Christian White|2020-11-16T16:53:22+00:00November 16th, 2020|PCI DSS|0 Comments

SOC 2 Success in 5 Simple Steps

How can you ensure success for your company’s SOC 2 initiative? Here are 5 Steps to SOC 2 success – best practices and lessons learned from the field! I have [...]

By Christian White|2020-09-28T14:50:09+00:00September 28th, 2020|SOC Reporting|0 Comments

Webinar: SOC 2: Everything You Need to Get a SOC 2 Report

Check out our webinar from Christian White and Christian Hyatt in which they cover the basics of SOC 2 reporting, what to expect during a SOC 2 audit, and why [...]

By Christian White|2020-06-28T20:28:59+00:00July 8th, 2020|SOC Reporting, Webinars|0 Comments

Are Pen Test and Vulnerability Scans Required for a SOC 2 Report?

Are Pen Test and Vulnerability Scans Required for a SOC 2 Report? There has been much confusion lately in the SOC 2 market as companies seek to understand the need-to-haves vs. the nice-to-haves when it comes to obtaining a SOC 2 report. Much of this confusion was brought about by the December 2018 upgrade of the Trust Services Criteria, and associated Point of Focus, intended to align SOC 2 with the 2013 COSO framework.

By Christian White|2020-01-17T21:17:50+00:00March 20th, 2019|IT Audit and Compliance, SOC Reporting|1 Comment

What is the difference between SOC 2 and SOC for Cybersecurity?

Overview of the SOC for Cybersecurity In 2017 the AICPA published guidance on a new cyber security risk management examination, System and Organization Controls for Cyber Security (SOC for Cybersecurity). [...]

By Christian White|2020-08-25T15:40:52+00:00January 18th, 2018|SOC Reporting|3 Comments