• The Significance of the NIST Privacy Framework

    Mali Yared, Practice Director, Cyber Risk Advisory & Privacy, Coalfire

    Kudos to the NIST Privacy Team! Privacy Framework v.1.0 has finally been released. I’ve been tracking the growth of this initiative since the focus group was kicked off in September 2018 and respect its thoroughly explored yet fundamentally grass roots approach. A few points worth bringing to your attention:

    Read more
  • Attention Payment Application Developers: Begin Your Transition from the PA-DSS to the PCI SSF Today

    Nick Trenc, Director, Payments – Solution Validation, Coalfire

    The Payment Card Industry (PCI) Council plans to formally retire the Payment Application Data Security Standard (PA-DSS) in October 2022 and replace it with the PCI Software Security Framework (SSF). For vendors, the new framework expands program eligibility with improved support for evolving architectures / deployment models, streamlines the assessment process, and simplifies listing management. It also provides greater flexibility for meeting security requirements and modernizes the notion of application security for payment applications and the companies that develop them.

    Read more
Top