.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
Self-Assessment Questionnaire (SAQ) A Changes in PCI DSS v4.0
by Kyle Daun on September 16, 2022 at 2:45 PM
.jpg)
With the recent updates to the Payment Card Industry Data Security Standard (PCI DSS) requirements, many organizations that are currently PCI compliant in accordance with version 3.2.1 may become noncompliant with version 4.0.
Are You Protecting Your Attack Surface?
by Kelly O’Brien on August 25, 2022 at 1:00 PM
.jpg)
Does your organization understand its attack surface? Gartner, Inc., a technological research and consulting firm, recently published the top trends in Cybersecurity for 2022, with attack surface expansion coming in at number one.
PCI DSS v4.0 ROC Changes – Coming Now to an Organization Near You!
by Derek Boczenowski on August 17, 2022 at 3:30 PM
%20(1).jpg)
The Payment Card Industry Data Security Standard (PCI DSS) version 4.0 is here! It has been released, the documents are available publicly for anyone who would like to read them, and forms for both the 900-pound level 1 Report on Compliance (ROC) and the Self-Assessment Questionnaires …
Ignorance Is Not Bliss When It Comes to Security Assessments
by Kelly O’Brien on May 6, 2022 at 4:00 PM
.jpg)
It is no surprise that bad actors constantly seek to take advantage of current events and changing circumstances to exploit vulnerabilities and gaps in the security of organizations across a myriad of industry verticals and sizes.
Recommendations from CISA's Recent “Shields Up” Warning
by Jesse Roberts on March 10, 2022 at 2:00 PM
On February 26th, 2022, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) issued immediate Shields Up actions for organizations to take in response to the ongoing conflict with Russia. The basic guidelines are as follows:
Revisiting the Apache Log4j Vulnerability
by Danielle Corsa on March 3, 2022 at 1:00 PM
By now, most are aware of the Apache Log4j vulnerability that was announced in December of 2021. The exposure is widespread in Java applications, and I have been discovering that many companies are affected by it. Remediation is imperative to ensure that attackers do not exploit affec …