Everyone in the online payment industry has heard of the Payment Card Industry Data Security Standard, or PCI DSS for short. As a standard, it is not mandatory by [...]
As you can see on my barely updated LinkedIn page, I’ve been a CISO for many years. Since 2013, I’ve seen many different merchant profiles. Sadly, I also saw many data breaches, and more specifically Cardholder Data breaches. Most of our customers back then got hacked through a variety of means, the most popular being unpatched CMSes. They all shared a glaring, unforgiving trait: PCI DSS requirements were not being followed.