How does PCI DSS v4.0 affect an entity's website compliance?

PCI DSS is not a new thing; in fact, it has been around since December 2004. As with any security programme, it has been regularly updated to ensure it is fit for purpose in the modern day. It’s due another major change, moving from its current iteration (3.2.1) to Version 4.0. The latest version is […]

ChatGPT: An Overview of Potential Security Vulnerabilities

ChatGPT is on everybody’s lips. LinkedIn is awash with posts. It’s a hot topic. Depending on what you read, it’s going to improve the world, put us all out of jobs and/or send a T800 to 1984 to kill Sarah Connor. We thought we would jump on the bandwagon and ask it a question of […]

Social Engineering: Smishing & Vishing

On Thursday, 24th November 2022 the Met Police lifted the media embargo to report on the largest fraud case because of social engineering. It has been reported that £48M has been taken collectively, with one victim reportedly losing £3m. Sky News’ report can be read here: UK’s Biggest Fraud Sting Takes Down Phone Bank Scam that […]

PCI DSS version 4.0 Release Schedule

The PCI SSC has announced that PCI DSS version 4.0 is scheduled for publication at the end of March 2022. A number of our QSA clients have been longing for a peek at the draft version; however, I’ve signed my life away under a non-disclosure agreement with the PCI SSC so I’m still obligated to […]

WFH or returning to the office – one clear requirement

The pandemic has caused a huge shift in the way we work. But as the UK continues to lift its Covid measures, whether your staff remain at home, come back to a desk-bound role, or mix and match dependent on need, space and […]

Redundant QSAs: Working Smart, Side-Stepping the Rabbit Hole & Streamlining

Are your QSAs wasting your time (and money)? Your QSA shouldn’t just be ensuring you are PCI DSS compliant. They should be side-stepping the potential rabbit hole, creating a value-added service, and making their roles (sort of) redundant. The result? Control reduction (does 240 to 21 sound acceptable?) The benefit? You save money, time and […]

We (nearly) got Phished: How Staff Complacency & Misconceptions are your BIGGEST Threat

Don’t be fooled – long gone are the days where phishing scams were clumsy, clunky, and oddly written, suggesting that you transfer money or claim your free prize. Now, the oh-so-sophisticated scams make us feel safe and looked after. They often gently request an update of information and, seemingly, nothing more. However, we are still […]

Recruit-A-Criminal!

We’re currently recruiting within the business. It’s a positive sign; it means that we are growing and able to take on even more clients. We’re hoping that the new recruit will add a new dimension to us by introducing their own thoughts and experiences. This is what we hope. Hope. I hate “hope”. Hope isn’t […]