PCI DSS 3.2 and Changes to PCI SAQs

PCI DSS 3.2 became mandatory on the 1st of November 2016. The standard has been updated to take into account changes to the threat landscape. This includes the removal of some redundant or duplicate requirements and the addition of new requirements. The new...

NESA UAE Information Assurance Standards

The UAE’s National Electronic Security Authority (NESA) is tasked with developing and monitoring the UAE Information Assurance Standards (IAS). The IAS come under the National Information Assurance Framework (NIAF), which itself is part of the Critical...

PCI DSS: Which Self-Assessment Questionnaire?

For many small and medium-sized organisations it can be difficult to know where to start with PCI DSS. There is quite a lot of PCI DSS documentation to get your head around, and some of the terminology is difficult to understand initially. Furthermore, your bank (or...

ISO 27001:2013 Transition

A new version of the standard, ISO 27001:2013, was published on the 25th of September 2013. The new version replaces the older version, ISO 27001:2005. There will be a transition period for organisations to align their ISMS with the new standard and become certified...

Verifying PCI DSS Scope: Hunting for Credit Card Numbers

PCI DSS requires that the scope of assessment must be checked to make sure the scope is accurate. This check must also be carried out every year. Even if the documented scope means that no cardholder data is stored, there still may be some cardholder details that have...