The Significance of the NIST Privacy Framework
Mali Yared, Practice Director, Cyber Risk Advisory & Privacy, Coalfire
Kudos to the NIST Privacy Team! Privacy Framework v.1.0 has finally been released. I’ve been tracking the growth of this initiative since the focus group was kicked off in September 2018 and respect its thoroughly explored yet fundamentally grass roots approach. A few points worth bringing to your attention:
Attention Payment Application Developers: Begin Your Transition from the PA-DSS to the PCI SSF Today
Nick Trenc, Director, Payments – Solution Validation, Coalfire
The Payment Card Industry (PCI) Council plans to formally retire the Payment Application Data Security Standard (PA-DSS) in October 2022 and replace it with the PCI Software Security Framework (SSF). For vendors, the new framework expands program eligibility with improved support for evolving architectures / deployment models, streamlines the assessment process, and simplifies listing management. It also provides greater flexibility for meeting security requirements and modernizes the notion of application security for payment applications and the companies that develop them.