With the release of PCI 4.0, the countdown has started for organizations already PCI DSS Certified to transition from PCI DSS v3.2.1 to the new PCI DSS v4.0 standard. With the timelines of one year to prepare for v4.0 and two years to fully ready for v4.0 future dated requirements, it is time to
Data Protection by Design
The data protection by design approach assists in an organization’s ability to implement Defense in Depth methodology, which aims to provide deep and continuous data protection to all layers of a system. Defense in Depth methodology works at each stage through controls that ensure in-depth defense
DFARS, NIST 800-171, SPRS, and CMMC 2.0 Explainer for DIB Contractors
If you’d like to know more about how DFARS, NIST 800-171, SPRS, and CMMC all work together, you’ve come to the right place. In this blog, we’ll discuss how these regulations, standards and tools all work together for thorough DoD compliance.
Updates and Changes to ISO 27001:2022
ISO 27001:2022 was recently announced to update and replace ISO 27001:2013. The modernized 2022 replacement features a few adjustments. This blog details a number of the changes and updates made to the standard.
SOC 2 Type 2 – Conformité et certification
SOC 2 Type 2 - Conformité et certification Que signifie SOC ? SOC est l'abréviation de System and Organization Controls et représente un ensemble de normes de conformité développées par l'American Institute of CPAs (AICPA) - un réseau de plus de 400 000 professionnels à travers le monde.
Aide-Mémoire PCI DSS v4.0
La norme de sécurité des données PCI (PCI DSS) a été établie en 2004 par les principaux émetteurs de cartes de paiement. Elle est maintenue par le Conseil des normes de sécurité PCI. Il fournit des exigences opérationnelles et techniques pour protéger les données des titulaires de cartes.
PCI DSS v4.0
The goals for PCI DSS v4.0 are to continue to meet the security needs of the payment industry, to promote security as a continuous process, to add flexibility for different methodologies, and to enhance validation methods. ControlCase is now certified to perform PCI DSS v4.0 Audits.
GDPR Starter Guide
GDPR - Starter Guide “Data is the new Oil” – is a statement which resonates the underlying philosophy for any information security regulation in today’s world. Securing and protecting this data is one of the most important tasks at hand for organizations as well as nation-states. Thus, we are