The Schellman Blog

Stay up to date with the latest compliance news from the Schellman blog.

PCI DSS v4.0

Payment Card Assessments | PCI DSS v4.0

By: MATT CRANE
September 21st, 2023

In June 2023, the Payment Card Industry Security Standards Council (PCI SSC) released a new worksheet entitled “Items Noted for Improvement” (INFI)—while the Council encourages use of this worksheet for assessments based on earlier versions of PCI DSS, organizations undergoing a PCI DSS v4.0 assessment are required to use it.

Payment Card Assessments | Penetration Testing | PCI DSS v4.0

By: Schellman
September 12th, 2023

The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to protect cardholder data. One of the key (and almost always applicable) requirements of PCI DSS is that organizations must perform internal and external penetration testing for the entire scoped environment—this not only applies to systems that store, process, or transmit cardholder data, but also those that can impact the security of cardholder data.

Payment Card Assessments | PCI DSS v4.0

By: ERIC SAMPSON
August 24th, 2023

Among the many changes in the new PCI DSS v4.0 are those regarding requirement 11.4.4, which refers to the remediation of "exploitable vulnerabilities" and "security weaknesses"—though history has more clearly established what is meant by the former, there may be some confusion concerning the latter as organizations continue to make the transition to the new version.

Payment Card Assessments | PCI DSS v4.0

By: Sully Perella
June 13th, 2023

As in nature, many elements function together to support the payment ecosystem, which—as a whole—creates what is our largely digital economy. Of course, due to the sensitivity of the information contained within that ecosystem, some elements are subject to compliance with the PCI DSS security requirements.

Payment Card Assessments | PCI DSS v4.0 | Multi-Factor Authentication

By: Jon Anderson
April 19th, 2023

In the film classic, Indiana Jones and the Raiders of the Lost Ark, our hero Indy tries to beat the booby trap security in a cave to steal a golden idol. He thinks he’s won when he switches the idol for a similarly sized bag of sand, but then finds he has to navigate flying darts, a dropping wall, and a chasm before he’s through.

Payment Card Assessments | PCI DSS v4.0

By: JOE O'DONNELL
March 23rd, 2023

It seems like Apple releases a new version of the iPhone every year these days, and despite all the new iterations featuring similar looks, builds, and functions, there’s always that period where everyone has to get used to the new thing.

Payment Card Assessments | PCI DSS v4.0

By: Sully Perella
March 14th, 2023

Banking regulation has always been a bit of a tennis match—a back-and-forth between more regulation, and then less. Before the shift to deregulation starting in the 1980s, banks adhered to state and federal banking laws, as well as narrow lines of business. After years of phased-in deregulation, the pendulum swung back. Now regulatory and industry compliance for banks includes more rules than ever before: privacy laws, federal trade regulations, non-bank industry regulations, and community impact reporting.

Payment Card Assessments | PCI DSS v4.0

By: PHIL DORCZUK
September 27th, 2022

If you hadn’t heard, NASA’s Artemis Program—the first endeavor to go back to the moon in 50 years—has stalled a bit. Though the new rocket—known as the Space Launch System—has been in the works for years, even now that it’s out on the pad and seemingly ready, the agency is taking its time to launch. That’s because NASA knows how high the stakes are—there are billions of dollars invested and their reputation as space explorers of the future is on the line.