Compass IT Compliance Blog

A Closer Look at PCI DSS v4.0 Vulnerability Scanning Requirements

A Closer Look at PCI DSS v4.0 Vulnerability Scanning Requirements

The Payment Card Industry Data Security Standard (PCI DSS) requires vulnerability scanning of any organization’s network assets. Quarterly network scans are required of all companies to be conducted by a certified third-party Approved Scanning Vendors (ASV) or Qualified Security Asses …

Read Story

Only YOU Can Prevent Cyberattacks This October (And Beyond)

Smokey the Bear stands next to a sign that reads "Fire Danger: Moderate"

Some of you may be old enough to remember Smokey the Bear. Created in 1944, the Smokey Bear Wildfire Prevention campaign is the longest-running public service advertising campaign in U.S. history. In 1947, Smokey’s slogan became "Remember... Only YOU Can Prevent Forest Fires".

Read Story

Self-Assessment Questionnaire (SAQ) A Changes in PCI DSS v4.0

Self-Assessment Questionnaire (SAQ) A Changes in PCI DSS v4.0

With the recent updates to the Payment Card Industry Data Security Standard (PCI DSS) requirements, many organizations that are currently PCI compliant in accordance with version 3.2.1 may become noncompliant with version 4.0.

Read Story

Using the HECVAT to Measure Vendor Risk

Students gather in a lecture hall

Not a day goes by without a conversation about third-party risk management. Our clients are being bombarded in all directions; asked by regulators, auditors, their clients, and customers alike to complete third-party risk assessments (SIG, CAIQ, HECVAT).

Read Story

Your Guide To Cyber Liability Insurance

A maroon sedan is wrecked in an accident

Unsafe at Any Speed: The Designed-In Dangers of the American Automobile is a non-fiction book by consumer advocate Ralph Nader, first published in 1965. Its central theme is that car manufacturers resisted the introduction of safety features (such as seat belts) and that they were gen …

Read Story

Are You Protecting Your Attack Surface?

An empty office with mostly gray tones

Does your organization understand its attack surface? Gartner, Inc., a technological research and consulting firm, recently published the top trends in Cybersecurity for 2022, with attack surface expansion coming in at number one.

Read Story

Subscribe by email