PCI DSS, SOC2, CISO, vCISO, CIS Controls, Security Program, Privacy, Red Teaming

Why You Should Hire a Virtual Data Protection Officer (vDPO) Now

The Data Protection Officer (DPO) is a role required by the EU General Data Protection Regulation (GDPR). If your organization is subject to GDPR and meets the large-scale data handling factors, you need a DPO. What can you do if you don't have an on-site DPO on staff? A vDPO

PCI DSS, SOC2, CISO, vCISO, CIS Controls, Security Program, Privacy, Red Teaming

The Seven Essential Qualities of a vCISO

Not every business can internally support the staffing and resources necessary to independently develop robust cybersecurity and privacy programs. Fortunately, you can partially or fully outsource to trusted partners the jobs of CISO and IT security

PCI DSS

PCI DSS 4.0 Release!

Earlier this month, the Payment Card Industry Security Standards Council (PCI SSC) published the official PCI DSS version 4.0. Over the next few months, we anticipate supporting documentation to emerge and QSA training to begin.

PCI DSS, SOC2, CISO, vCISO, CIS Controls, Security Program

Four Compliance Standards that can Accelerate Your Sales Team

Businesses must comply with a mixture of international, industry-specific and state-mandated cybersecurity regulations and require their vendors to do so. For this reason, compliance with specific cybersecurity standards becomes another way to

PCI DSS

PCI DSS: SAD vs. CHD

PCI DSS has many rules about what you must and must not do when handling payment cardholder data. However, the most stringent requirements apply to sensitive authentication data (SAD). So, what

PCI DSS

PCI DSS Truncation Rules and Guidelines

The PCI Security Standards Council's redefined truncation rules are a mess.

PCI DSS

Five Ways to Reduce the Cost of PCI DSS Compliance

If your company stores, processes, or transmits cardholder data, you need PCI DSS compliance. According to the Verizon 2020 Payment Security Report, within the financial and insurance industries, 30% of breaches were caused by web application

PCI DSS, CISO, vCISO, Penetration Testing, HIPAA, Security Program, Risk Assessment, Red Teaming

The 0-day in the Room Nobody is Talking About: Scope

Scope is an important shaping tool that, when leveraged properly, can help enhance engagement outcomes during penetration testing, red team and other security operations. Like any tool, however, when used incorrectly it can have devastating

PCI DSS

PCI DSS Version 4.0: Preparing for the Future

The first quarter of the year 2022 should be an exciting time for everyone working with PCI DSS. The PCI Security Standards Council is scheduled to release first a “Stakeholder Preview” of the long-awaited PCI DSS v4.0, and then, presumably some

PCI DSS

Common Key Controls Tested in PCI DSS Assessments

As a company interested in or required to become PCI DSS compliant, there is a list of key controls you must have in place, and appropriate evidence to be retained to provide to the PCI DSS assessors during the testing period. Being able to easily
