Preparing for your first PCI DSS v4.0 assessment

SEC Adopts New Rules on Cybersecurity Risk Management, Incident Disclosure, and Ransomware Payments by Public Companies

Discover the new rules regarding cybersecurity risk management, incident disclosure, and ransomware payments being adopted by the SEC in an effort to enhance cybersecurity transparency and accountability for public companies and foreign private investors.

Read Now

Read Post

Securing the End Zone: Achieving PCI Compliance Excellence for an NFL Franchise

Navigating the Compliance Touchdown: VikingCloud’s Strategic Approach to Safeguarding Financial Transactions and Fan Data in the World of Professional Football.

Web Risk Monitoring

Patented Cloud-Based URL Monitoring Services that Save Time and Reduce Risk.

5 Best Practices for Securing Your Small Biz

Outlines 5 best practices to secure your small business

How to Prepare for Heightened Board Involvement in Cybersecurity

The Security Management article by Claire Meyer discusses the U.S. Securities and Exchange Commission’s (SEC) new requirement for companies to disclose material cybersecurity incidents

PA-DSS Transformation to SSF

Learn the details of the new Secure Software Framework standard and why your organization needs to switch to the new standard to get assurance that applications being used are validated and protected.

The PCI Point-to-Point Encryption (P2PE) Program

Helps merchants understand becoming PC DSS compliance while using a P2PE system

How Can Your PCI Compliance Efforts Ultimately Save Your Business Money?

How making your data more secure by adhering to PCI guidelines can save your business money

PCI Security Standard Council Announces New SLA Timelines - Effective September 27, 2023

Find out how the PCI Security Standard Council’s new Assessor Quality Management submission timelines will affect your organization.

The 2019 PCI Compliance Annual Plan

A month by month plan to follow to complete your PCI DSS compliance

Cyber Threat Unit Spotlight: Chesley Moodley

This blog takes a close look at the work VikingCloud's Cyber Threat Unit carry out and focuses in on Chesley Moodley

PCI Compliance and Your Website: A Guide

What e-commerce merchants need to consider when completing PCI DSS compliance

Internal vs. External Vulnerability Scans: Why You Need Both

We explain the differences between internal and external vulnerability scan and why your organization may need both

Cybersecurity Awareness Month – 7 Tips to Keep Your Organization Safe from Cyber Threats

During Cybersecurity month and year-round, keep your organization safe from cyber threats with our easy guide to the seven most common and dangerous threats.

Microsoft Ending Support for Windows Server 2003

Microsoft recently announced that it is ending support for the Windows Server 2003 operating system on July 14, 2015.

Services and Solutions

Reliable connectivity solutions for every facet of your business.

CISOs on alert following SEC charges against SolarWinds

TechTarget’s article by Arielle Waldman explores the growing pressure on CISOs for proactive cybersecurity measures in the wake of the SEC’s complaint against software company SolarWinds.

Cyber Threat Unit Spotlight: Jay Turla

This blog spotlights Jay Turla, Principal Security Consultant, Philippines

LockBit down but far from out

TechFinitive delves into the impact of global government efforts against Lockbit, the notorious ransomware syndicate known for its widespread digital extortion campaigns.

Spin the InfoSec Color Wheel - You Landed on Red!

This blog article details the concept of using the InfoSec color wheel to provide a clearer understanding of where an organization is and should aim to be – in a traditional security maturity model.

Asking around: What will the boardroom be talking about in 2024?

IT Brew’s article by Billy Hurley provides insight into what IT topic will be the most discussed in boardrooms in 2024.

Is PCI Compliance a Law? Should it be?

Examines the legal side of a merchant completing PCI DSS compliance

How To Select A PCI Compliant Service Provider: Advice For Small Business Owners

Explains what small business owners need to consider when they are selecting a service provider

Small Business and PCI Cost vs. Benefit

Explains why small businesses need to comply with PCI DSS along side it’s costs and benefits.

NIST Cybersecurity Framework 2.0: A Deep Dive into the New Governance Function

In today’s digital landscape, the need for robust cybersecurity practices has never been greater. With the rapid growth of cyber threats and attacks, organizations across all sectors constantly seek ways to bolster their defenses and protect sensitive data.

Integrating CVSS 4.0 into VikingCloud Penetration Testing

This blog discusses the upcoming changes and improvements in the new Common Vulnerability Scoring System (CVSS) version 4.0 and VikingCloud’s adoption plans for use in its penetration testing.

THOR AI: Reducing Cyber Risk for At-Risk Businesses

Additional insight on VikingCloud’s first-of-its-kind,patent-pending, generative AI-powered cybersecurity chatbot.

Editor’s Note: Payment Card Industry Data Security Standard (PCI DSS) compliance and cybersecurity program Merchant Compliance Levels Definition

Both Visa and Mastercard have specific merchant category definitions for all businesses that store, process, or transmit card holder data. PCI DSS compliance requirements vary by merchant level.

PCI DSS 4.0 - Summary of Changes

This blog article discusses the PCI SSC Summary of Changes document - a supplement to the new release of PCI DSS v4.0.

PCI DSS 4.0 - Self Assessment Questionnaires

This blog article takes a comparative look at the differences in the PCI SSC Self-Assessment Questionnaires

How women in payments, fintech, and cybersecurity are breaking the glass ceiling?

This blog examines how women, including VikingCloud's Natasja Bolton, are breaking the glass ceiling in payments, fintech, and cybersecurity industries.

The Real Cost of Data Breach

Explains the real cost of a data breaches

In a comply-or-else industry, this payment solutions provider doesn’t just clear the bar, but surpasses the competition.

Compliance isn’t optional in the payment card industry—it’s mandatory. That’s why a Latin American-based payment solutions provider relies on VikingCloud’s extensive cybersecurity and compliance expertise to maintain its top-level cyber defense—and PCI compliance status.

PCI DSS v4.0 and the Evolution of the Self-Assessment Questionnaire (SAQ) for E-commerce Merchants

This blog takes a look at how e-commerce merchants can prepare for full PCI DSS v4.0 compliance, and urges them to work with their web and payment providers to confirm a number of aspects.

PayPal and the PCI DSS

Examines how PayPal relates to PCI DSS compliance

Protecting Your Business from Phishing Attacks

This Infographic identifies the actions you can take to help avoid phishing attacks.

How To Secure Your Software Supply chain

Learn the best practices of implementing a proactive cybersecurity posture and ensuring your software supply chain remains secure in this blog article.

3 Basic Ways to Avoid PCI Paralysis

Examines how basic defenses can prevent breaches and the importance of completing PCI DSS compliance to prevent this

5 Reasons Your Customers May Not Trust You With Their Personal and Financial Data

How do customers come to decision of which business they do and do not share their personal and financial data with.

5 Security Tips for Small IT Teams

Cybersecurity attacks are increasing and maintaining security is becoming more difficult especially for small IT teams

Beyond Fingerprints: Exploring Behavioral Biometrics for Secure Identity Verification

This blog discusses the benefits, limitations, and risks of behavioral biometrics.

Serving Up Reliable Security

A U.S. based Restaurant Management Company chose VikingCloud for security and compliance management

VikingCloud™ Achieves PCI Forensic Investigator Certification

The Payment Card Industry Security Standards Council (PCI SSC) has certified one of the largest security vendors in the world,

Demystifying PCI DSS requirements: Penetration & segmentation testing

Learn about the process, key terms used, and the requirements of penetration and segmentation testing to maintain compliance with Payment Card Industry Data Security Standard (PCI DSS) requirements in this blog article.

New “Backoff” Point-of-Sale Malware Alert

Looks at a POS malware which had low anti-virus detection rates

Introducing PCI DSS 4.0

This blog article summarizes the upcoming changes planned for PCI DSS v4.0 and what your organization needs to do to prepare a migration plan.

Finding The Cure for Swelling Cyber-threats

How a regional health care system leveraged VikingCloud to build a modern security strategy to help reduce new cyber risks

No Windows XP Support, No PCI Compliance?

Explains to merchants how still using Windows XP will affect their PCI DSS compliance

Programs for Acquirers, ISOs, and Processors

Increase Compliance and add Value for your Small Business Clients.

“How Do I Report a PCI Violation?”

We explain how you can report a PCI violation and what you need to know before you do so.

Merchant? Service Provider? Or Both?

Helps readers who are completing PCI compliance whether they are merchants or service providers

3 Generative AI Security Risks Retailers Should Beware of

The Total Retail article discusses the need to understand how cybercriminals are using AI to infiltrate systems, where common exposure points are located, and how to assess the supply chain for vulnerabilities.

PAYSTRAX Selects VikingCloud’s Patented Web Risk Monitoring to Mitigate Merchant Fraud

VikingCloud, a leading global provider of cybersecurity and compliance solutions has announced a new client partnership for its

Voice

Cut Your Business Phone Bill in Half.

5 “Buts” Your QSA Doesn’t Want to Hear

5 excuses a QSA does not want to hear regarding a merchants PCI DSS compliance

PTS POI v3 Device Expiration: Are You Ready?

Explains how merchants need to prepare for the expiration of PTS POI v3

A different kind of food safety

Axfood, a major grocery company located across Sweden, maintained strict compliance with the Payment Card Industry Data Security Standard (PCI DSS) while also ensuring it’s card-not-present security solution was as robust as possible.

Security maturity: it is time for organizations to come of age

Learn more about the levels of security maturity, how to raise your business level of maturity, and implementing the appropriate security framework for your business in this blog article.

Ransomware in 2022 and beyond

We discuss the future of ransomware and detail the defense tactics for keeping your organization secure from cybercriminal tact

PCI DSS v4.0: Authenticated Scans

This blog article details the PCI standard compliance requirements for conducting internal vulnerability scans via authenticated scanning.

“Are ‘Knuckle Busters’ PCI Compliant?”

how can I process credit cards without taking a manual imprint of the card?

How Do Cybercriminals Profit From My Stolen Data?

This Infographic identifies types of PII, how cybercriminals use it, and how organizations should protect it.

PCI DSS 4.0: Multifactor Authentication

In this blog article, you will learn the details of when and where an organization needs to implement multifactor authentication to meet PCI compliance requirements.

What to look for in a PCI Forensic Investigator

Learn more about PCI Forensic Investigators including qualifications, how to select, when to engage, and avoiding common pitfalls of engagement in this blog article.

Updated U.S. Cyber Guidelines Place Emphasis on Risk Governance

The Global Association of Risk Professionals article by David Weldon highlights a recent move by the NIST to update its CSF

You’re Non-Compliant with PCI. Now What?

Explains the best practices for merchants who are PCI non-compliant and the next steps they can take

VF Corp. discloses cyberattack on first day of new SEC rule

The Digital Commerce 360article covers the recent disclosure to the SEC by VF Corp. regarding the unauthorized occurrences on their IT systems as well as discusses similar cyberattacks on other organizations.

PCI DSS v4.0 Compliance: 5 Key Reasons to Define Roles and Responsibilities

Discover why and how to ensure you know who owns what during a cybersecurity incident in this blog article.

Managed Compliance Services

World Class Compliance and Risk Solutions.

How You Can Use Tokenization to Reduce PCI Scope

Describes how businesses should implement tokenization to reduce their scope when completing PCI DSS compliance.

The Power of Proactive Cybersecurity Using Ethical Hackers

A global technology company didn’t want to wait for a cyberattack to test the strength of its systems. Instead, it hired VikingCloud’s Cyber Threat Unit

Cyber attackers and defenders are racing to up their AI game

The CSO article by Cynthia Brumfield discusses how Artificial intelligence’s power and fast evolution are rapidly altering the cybersecurity landscape

Penetration Testing

Our dedicated team will work with yours to help remediate and plan for the ever changing threat scenarios.

What in the World is a Qualified Integrator and Reseller?

Explains what a qualified integrator and reseller and why you may need one.

Staying PCI DSS compliant as the global payment landscape evolves

Elevating security standards: A case study on sustaining PCI DSS Level 1 Compliance for Jula Holdings through proactive solutions and robust risk management.

The PCI DSS, Chaining and the Franchise Relationship

How the PCI DSS are assigned to chaining and a franchise relationship

“Does my backup services business need to be PCI compliant?”

Discussion on whether ‘Backup service’ businesses need to become PCI compliant

ISO 27002:2022

With the release of ISO 27002:2022, this blog article summarizes the changes, implications, and impact to your risk treatments if your ISMS is implemented or certified according to ISO27001.

Cybersecurity Awareness Month: See Yourself in Cyber

To kick off cybersecurity awareness month, we’ve collected a list of websites and resources from around the globe

VikingCloud Announces Industry’s First Generative AI-Powered Chatbot Combining Real-Time Cybersecurity and PCI Compliance Intelligence

VikingCloud today announced THOR AI (Threat Hunting and Orchestrated Response), a first-of-its-kind generative AI-powered cybersecurity chatbot.

Fueling a Healthy Diet

How a non-profit grocers trade association partnered with VikingCloud to provide leadership and guidance to independent grocer operators and their suppliers to help educate and improve their businesses.

Five Steps Before Using a Mobile Device to Accept Credit Cards

How mobile payment technology impacts your business.

Proactive Data Security

PDS Shifts from do-it-yourself to a Managed Service.

PCI and storage of PAN

This blog article covers the details of merchant levels and compliance responsibility for entities who store, process, or transmit cardholder data.

Phishing 101: everything you need to know to protect your business

For cybersecurity awareness months, this blog article takes a deep dive into phishing emails

Will EMV Make You PCI Compliant?

Does introducing EMV to your business environment make you PCI compliant?

What is an Endpoint Protection Platform?

Learn more about Endpoint Protections Platforms – what they are, how they work, and when they should be utilized in this blog article.

PCI DSS 4.0: Targeted Risk Analysis

In this blog article, learn how a Targeted Risk Analysis can help define and design controls to meet security and compliance objectives, and what requirements and situations would warrant its use.

Improving Security Awareness - Best Practices

Best practices for improving security awareness in your organizations

3 Common Pitfalls to Meeting PCI DSS Compliance

We look at three of the most commonly identified issues when an organization is audited for PCI compliance by an external party. This article also offers some tips to avoid these pitfalls.

Ensuring Penetration Testing Leads to Security

This blog article provides best practices for making sure your penetration testing strategy and framework is successful and compliant.

Endpoint protection; a vital tool in the battle against ransomware

Learn about ever-changing and increasing cybersecurity threats, what is ransomware, and the benefits of endpoint protection as part of the risk management plan in place for your organization in this blog article.

Why there’s no one-size-fits all solution to security maturity

The TechRadar article by VikingCloud Chief Product Officer, Kevin Pierce, discusses the need for a targeted and company-size-specific cybersecurity plan

Cloud Security and Zero Trust

Discover how Zero Trust architecture can help organizations improve their breach detection and response in this blog article.

Security Logging and Monitoring (PCI DSS Requirement 10): Why all the Fuss?

PCI DSS requirement 10 causes a lot of fuss, we aim to clear up why this requirement is in place

PCI DSS v4 Transformation when using PCI DSS v3.2.1 validated TPSPs

This blog article covers the details of ensuring compliance with PCI DSS v4.0 as organizations migrate to the new version and the validation requirements if utilizing third-party service providers.

PCI DSS 4.0 - Risk vs. Requirement

In the blog article, learn about the PCI DSS v4.0 Report on Compliance Template FAQ which identifies the PCI compliance secure payment solutions that can be picked for any requirement.

Read Now

Read Post

Preparing for your first PCI DSS v4.0 assessment

Insights into PCI DSS v4.0

VIKINGCLOUD NEWS & RESOURCES

High Availabilty Solution

What’s the best practice for masking or truncating PAN data?

“Can We Securely Store Card Data for Recurring Billing?”

SEC Adopts New Rules on Cybersecurity Risk Management, Incident Disclosure, and Ransomware Payments by Public Companies

Securing the End Zone: Achieving PCI Compliance Excellence for an NFL Franchise

Web Risk Monitoring

5 Best Practices for Securing Your Small Biz

How to Prepare for Heightened Board Involvement in Cybersecurity

PA-DSS Transformation to SSF

The PCI Point-to-Point Encryption (P2PE) Program

How Can Your PCI Compliance Efforts Ultimately Save Your Business Money?

PCI Security Standard Council Announces New SLA Timelines - Effective September 27, 2023

The 2019 PCI Compliance Annual Plan

Cyber Threat Unit Spotlight: Chesley Moodley

PCI Compliance and Your Website: A Guide

Internal vs. External Vulnerability Scans: Why You Need Both

Cybersecurity Awareness Month – 7 Tips to Keep Your Organization Safe from Cyber Threats

Microsoft Ending Support for Windows Server 2003

Services and Solutions

CISOs on alert following SEC charges against SolarWinds

Cyber Threat Unit Spotlight: Jay Turla

LockBit down but far from out

Spin the InfoSec Color Wheel - You Landed on Red!

Asking around: What will the boardroom be talking about in 2024?

Is PCI Compliance a Law? Should it be?

How To Select A PCI Compliant Service Provider: Advice For Small Business Owners

Small Business and PCI Cost vs. Benefit

NIST Cybersecurity Framework 2.0: A Deep Dive into the New Governance Function

Integrating CVSS 4.0 into VikingCloud Penetration Testing

THOR AI: Reducing Cyber Risk for At-Risk Businesses

Editor’s Note: Payment Card Industry Data Security Standard (PCI DSS) compliance and cybersecurity program Merchant Compliance Levels Definition

PCI DSS 4.0 - Summary of Changes

PCI DSS 4.0 - Self Assessment Questionnaires

How women in payments, fintech, and cybersecurity are breaking the glass ceiling?

The Real Cost of Data Breach

In a comply-or-else industry, this payment solutions provider doesn’t just clear the bar, but surpasses the competition.

PCI DSS v4.0 and the Evolution of the Self-Assessment Questionnaire (SAQ) for E-commerce Merchants

PayPal and the PCI DSS

Protecting Your Business from Phishing Attacks

How To Secure Your Software Supply chain

3 Basic Ways to Avoid PCI Paralysis

5 Reasons Your Customers May Not Trust You With Their Personal and Financial Data

5 Security Tips for Small IT Teams

Beyond Fingerprints: Exploring Behavioral Biometrics for Secure Identity Verification

Serving Up Reliable Security

VikingCloud™ Achieves PCI Forensic Investigator Certification

Demystifying PCI DSS requirements: Penetration & segmentation testing

New “Backoff” Point-of-Sale Malware Alert

Introducing PCI DSS 4.0

Finding The Cure for Swelling Cyber-threats

No Windows XP Support, No PCI Compliance?

Programs for Acquirers, ISOs, and Processors

“How Do I Report a PCI Violation?”

Merchant? Service Provider? Or Both?

3 Generative AI Security Risks Retailers Should Beware of

PAYSTRAX Selects VikingCloud’s Patented Web Risk Monitoring to Mitigate Merchant Fraud

Voice

5 “Buts” Your QSA Doesn’t Want to Hear

PTS POI v3 Device Expiration: Are You Ready?

A different kind of food safety

Security maturity: it is time for organizations to come of age

Ransomware in 2022 and beyond

PCI DSS v4.0: Authenticated Scans

“Are ‘Knuckle Busters’ PCI Compliant?”

How Do Cybercriminals Profit From My Stolen Data?

PCI DSS 4.0: Multifactor Authentication

What to look for in a PCI Forensic Investigator

Updated U.S. Cyber Guidelines Place Emphasis on Risk Governance

You’re Non-Compliant with PCI. Now What?

VF Corp. discloses cyberattack on first day of new SEC rule

PCI DSS v4.0 Compliance: 5 Key Reasons to Define Roles and Responsibilities

Managed Compliance Services

How You Can Use Tokenization to Reduce PCI Scope

The Power of Proactive Cybersecurity Using Ethical Hackers

Cyber attackers and defenders are racing to up their AI game

Penetration Testing

What in the World is a Qualified Integrator and Reseller?