We’re pleased to announce that Ambersail is a Cyber Essentials Certification Body and we can help you achieve either Stage 1 or Stage 2 compliance as required. Cyber Essentials is a UK Government-sponsored scheme open to organisations of all sizes. It includes a formal certification showing adherence to a basic set of information security controls. It is…
Posts Tagged: risk
Barclaycard Risk Reduction Programme Position Statement
Barclaycard has issued the following positioning statement regarding the Barclaycard Risk Reduction Programme and its relationship with the PCI DSS and participating card schemes (Visa, Mastercard, Amex). If you’re a Barclaycard merchant participating in the BRRP, this positioning statement may be of interest to you. If you’d like to find out more about the BRRP,…
Risk Assessment Guidelines Information Supplement
You might be interested to read the recently published output from the PCI Risk Assessment SIG (Special Interest Group). There’s guidance in there on what constitutes a risk assessment process, and what it should cover. The document makes specific reference to PCI DSS requirement 12.1.2: “12.1.2 Includes an annual process that identifies threats, and vulnerabilities,…
PCI DSS Mandatory Risk Ranking
PCI requirement 6.2 “Establish a process to identify and assign a risk ranking to newly discovered security vulnerabilities” includes the additional note: “The ranking of vulnerabilities as defined in 6.2.a is considered a best practice until June 30, 2012, after which it becomes a requirement.” As the summer (at least in the Northern Hemisphere) is…