Skip to the main content.
Contact
Contact

Blog

Be in touch with our latest news

pci (4)

Control Gap at Vancouver PCI Community Meeting

Control Gap is excited to announce that we will be exhibiting at this year’s @PCISecurityStandardsCouncil Community Meeting on September 17-19....

Read More >

2 min read

What's the minimum I need to do for PCI?

As we complete the 3rd hour of the meeting discussing PCI scope, the customer turns to me and asks, “So what’s the minimum that I need to do to pass...

Read More >

6 min read

This Week’s [in]Security – Issue 115

Welcome to This Week’s [in]Security. This week: a quiet week for PCI, RDP MFA bypass, make SSNs public, AMCA (Quest, LabCorp, OPKO) breach, Data...

Read More >

2 min read

NIST is Sunsetting Triple DES - so what will the Financial Industry do?

NIST recently published a document "Transitioning the Use of Cryptographic Algorithms and Key Lengths" which formalizes the sunset of Triple DES by...

Read More >

4 min read

NIST Update to Format Preserving Encryption Standard affects PCI Use Cases

Last month NIST announced they were seeking feedback on a proposed updated guidance for FPE. More formally this is SP 800-38G rev 1 "Recommendation...

Read More >

7 min read

PCI SPoC (PIN on COTS) - Grand Experiment in Mobile Payments

Big changes are coming to payment security in 2019. PCI is launching a grand experiment in payment security - Software PIN on COTS (SPoC) - a subset...

Read More >

3 min read

PCI DSS v3.2.1 - What You Need to Know to Stay PCI Compliant

To accept credit cards in Canada, businesses need to be PCI compliant. Becoming PCI compliant can be difficult in the first place and keeping up...

Read More >

2 min read

If You Take Credit Cards By Phone or Mail - You Need to Read About Visa's October Mandate

PCI Rules Aren't the Only Ones You Need to Comply With

Most organizations concerned with payment compliance are focused on the PCI Data Security...

Read More >

3 min read

PCI DSS May Require Pulling Up Your SOX (or ISO)

Executives and managers in organizations preparing for their first onsite PCI security assessment may feel confident that having passed a SOX audit...

Read More >