Author Archives: Laura K. Gray

FAQ: Can organizations use alternative password management methods to meet PCI DSS Requirement 8?

Did you know that the Frequently Asked Questions (FAQ) resource on the PCI SSC website is updated regularly to address common questions the PCI SSC receives from stakeholders? This searchable tool includes a library of questions and answers on a variety of topics across PCI Security Standards and programs.

New Software Security Framework Programs: Timeline & Key Milestones

PCI SSC has announced the rollout of the Secure Software Lifecycle (Secure SLC) and Secure Software Programs. These new validation programs are intended for use by payment software vendors to demonstrate that both their development practices and their payment software products address overall software security resiliency to protect payment data.

PCI Standards in 2019: Q&A with CTO Troy Leach

What do stakeholders need to know about PCI Security Standards in 2019? PCI SSC Chief Technology Officer Troy Leach provides an update on what to expect for changes to existing standards and a look at those in development this year.  

What to Know About the New Card Production Security Assessor Program

PCI SSC is in the process of launching a new program to train and qualify security professionals to perform assessments using the Card Production Security Standards. Gill Woodcock, Senior Director of Certification Programs, provides an update on this effort and how it will improve the security of payments.