Contact Us
Services
Services
Crypto and Digital Trust
Crypto and Digital Trust
Schellman Training
Schellman Training
Sustainability Services
Sustainability Services
AI Services
AI Services
About Us
About Us
Leadership Team
Leadership Team
Corporate Social Responsibility
Corporate Social Responsibility
Careers
Careers
Strategic Partnerships
Strategic Partnerships

Blog

The Schellman Blog

Stay up to date with the latest compliance news from the Schellman blog.

Blog Feature

Payment Card Assessments | PCI DSS

By: Jesse Eldell
June 12th, 2025

Imagine your computer account is like your house in that you need specific keys to get inside where all your valuables are kept. For years, people relied on simple door locks only requiring one key - like a password, as their main form of security. But clever thieves, known as "phishers," have become really skilled at tricking people into handing over copies of their keys (stealing passwords, codes, and authentication tokens). This growing threat has prompted the need for newer and stronger methods of authentication in payment security, such as phishing-resistant authentication.

Blog Feature

Cybersecurity Assessments | Payment Card Assessments | Compliance and Certification | Privacy Assessments | Federal Assessments | Crypto and Digital Trust | ISO Certifications | Healthcare Assessments | SOC Examinations

By: Christian Underkoffler
April 30th, 2025

In today’s complex and constantly evolving regulatory environment, businesses face an ever-growing array of compliance requirements across multiple frameworks ranging from FedRAMP, PCI, ISO, GDPR, and HIPAA, to name a few. Navigating these compliance waters is increasingly challenging, particularly with regards to cybersecurity and data protection. However, there are measures you can take to significantly refine your compliance processes. In this article, we will explore how streamlining all of your compliance efforts with a single trusted provider can not only simplify your processes but also enhance your overall security posture.

Blog Feature

Payment Card Assessments | PCI DSS

By: Will Sparks
April 22nd, 2025

Transport Layer Security (TLS) is a cryptographic protocol that encrypts data, authenticates connections, and protects the data in transmission. As time passes, new versions of TLS are released to strengthen defenses and maintain an advantage of the constantly evolving threat landscape. Understanding these updates is essential for anyone managing secure systems or handling sensitive data online.

Blog Feature

Payment Card Assessments | PCI DSS

By: Ken Van Allen
April 2nd, 2025

In our digital economy, online shopping has become second nature for consumers worldwide. Yet behind the seamless checkout experiences that we've come to expect lies a complex security challenge that merchants must navigate. With the rise of e-commerce payment processing comes the rise in threats from e-skimming attacks.

Blog Feature

FedRAMP | Payment Card Assessments | PCI DSS

By: Ken Van Allen
March 6th, 2025

Given today’s continually evolving threat landscape, strengthening access controls is an essential element and growing priority of any robust security program. As such, it’s no surprise multi-factor authentication (MFA) has become a widely adopted compliance requirement by a significant number of security standards across industries. That said, it can be difficult to understand the intricacies of the MFA regulations for each compliance framework.

Blog Feature

Payment Card Assessments

By: Salvatore Butera
December 10th, 2024

Across the current digital economy, more and more are going passwordless—with tech conglomerates like Apple, Microsoft, and Google leading the way, organizations are pivoting to other cybersecurity solutions to better secure information and simplify workflows. But replacing passwords with alternatives successfully also means accounting for extended related factors—including those that could impact your PCI DSS compliance.

Blog Feature

Payment Card Assessments

By: Sully Perella
November 7th, 2024

Scoping is a key first step in any compliance assessment, and those who have been through the process understand how vital—and how tricky—it can be. Scoping is particularly crucial in PCI DSS, as drawing your boundaries largely determines which requirements your organization must satisfy, and when you’re operating within a Zero Trust environment, things appear to get more complicated.

Blog Feature

Payment Card Assessments

By: Sully Perella
October 2nd, 2024

Though so much attention has been placed on secure coding to mitigate cyber threats to software, another emerging area of focus is the “software supply chain,” or the “software bill of materials” (SBOM). Why? Because software security doesn’t just depend on secure coding—the individual components of the software, or the SBOM—are equally critical.

{