Recently, we have started with a significant number of new clients on ASV scanning projects. This is the PCI scan on networks that needs to be performed by merchants and service providers. Nothing new in that. We have been an ASV for over ten years. What has caught our eye is what has prompted these… Read more »
… nothing for a few weeks and then three come at once. Last Friday afternoon at the office turned into a somewhat sedate – and welcome – end to the working week. Until I took three sales calls one after each other. Nothing notable about that. What was significant was that all asked about how… Read more »
Business owners: is your cyber security health at risk? I can tell you that the bar for cyber security health in many small businesses is very low indeed. There are two important facts I’d like to point out concerning the cyber security health of the nation. Firstly, that the economy consists mostly of smaller businesses, many… Read more »
Ensuring that the Board understands how cyber security risks affect the business – a challenge for all Non-Executive Directors
AMEX now maintains a full list of all PCI DSS compliant service providers. Service providers pay a fee to register, and full details of the scheme are available directly from the AMEX web site.
How much penetration testing and vulnerability scanning does PCI DSS v3 require?
We’re pleased to announce that Ambersail is a Cyber Essentials Certification Body and we can help you achieve either Stage 1 or Stage 2 compliance as required. Cyber Essentials is a UK Government-sponsored scheme open to organisations of all sizes. It includes a formal certification showing adherence to a basic set of information security controls. It is… Read more »
“Essentially, all merchant eCommerce sites that previously escaped mandatory security assessment can no longer be overlooked.” We now anticipate that many small merchants will find their web sites in scope for PCI compliance under PCI DSS v3. We wrote earlier this year concerning the potential for scope changes brought about by PCI DSS v3. Now that the official v3 SAQ documents… Read more »
We note that Apple has just released a document entitled “Secure Coding Guide” and it covers OSX and iOS development. >From the intro: “Secure coding is important for all software; if you write any code that runs on Macintosh computers or on iOS devices, from scripts for your own use to commercial software applications, you… Read more »
The PCI SSC has released the official ROC reporting template for PCI DSS version 3. This is important because it now means that QSA companies can now conduct on-site assessments using PCI DSS version 3. The reporting instructions are available for public inspection here. Related Posts: PCI Penetration Testing 5 Essential Tips For Those New To… Read more »