PCI Gap Assessments

PCI Gap Assessments

PCI Gap Assessments are a vital resource that allows businesses to assess whether their procedures are aligned with the best industry cybersecurity practices and regulatory requirements such as the Payment Card Industry Data Security Standard (PCI-DSS). A PCI Gap...
Auditing is a two-way process

Auditing is a two-way process

Auditing is a two-way process I know the idea of being audited is not a fun one. I always joke with clients that they should not feel too bad as we, as auditors, get audited ourselves (on workpapers, reports, etc.).  When it comes to the auditing process, however,...
PCI DSS is an Ongoing Process

PCI DSS is an Ongoing Process

PCI is an ongoing process.   PCI is an ongoing process. In my experience, the biggest reasons companies fail their PCI compliance after passing the previous year is due to not staying on top of the ongoing processes required to maintain PCI compliance.  95% of...
Should you have a QSA attest your PCI-SSC SAQ or not?

Should you have a QSA attest your PCI-SSC SAQ or not?

To 3C or not to 3C? That is the business question. Should you have a QSA attest your PCI-SSC SAQ or not? That is a decision business. Lately, we at Silent Storm Security have seen an influx of companies requesting a QSA signature to their PCI-SSC SAQ (Payment...
Silent Storm Security Interview with CEO/CFO Magazine

Silent Storm Security Interview with CEO/CFO Magazine

Silent Storm Security is focused on Simplifying and Taking the Stress out of Cyber Security, HIPAA and PCI-DSS Audits We love what we do, and we get a lot of enjoyment out of seeing the relief that we can provide our clients from the stress of getting audited. We go...
Vendors

Vendors

Vendors Every mid-sized or large company eventually must purchase a cybersecurity product, which means every company must reach out to a cybersecurity vendor. Vendors can help an organization achieve security goals and maintain compliance. Vendors can also provide...