PCI/Compliance

Ecommerce Retailers: It’s Time to Update to Magento v2.3

Contributed by David Mundhenk, Principal Security Consultant at Herjavec Group. As of June 30, 2020, Magento, an eCommerce software vendor, is ending support for its flagship product Magento v1.0, which includes both Magento Commerce 1 (formerly known as Enterprise Edition) and Magento Open Source 1 (formerly known as Community Edition). With this change, eCommerce retailers around the world may begin to...
July 7, 2020
2 Years Later: How Has GDPR Impacted Your Business?

In May 2018, the European Union (EU) enacted a privacy regulation that would become a turning point for data protection and cybersecurity – the General Data Protection Regulation (GDPR). The goal of GDPR was to change how organizations conducted their data collection and storage practices. It applies to any business or individual that collects, stores, transfers, or processes personal data...
June 4, 2020
Medium: When Shakespeare Ponders the PCI DSS Requirement to be Onsite

Contributed by: Ben Rothke joins his longtime coauthor David Mundhenk, CISSP, CISA, PCI QSA, PCIP, Principal Security Consultant, at Herjavec Group. Travel the world. With the war raging in Viet Nam, the US Army was having trouble getting enough recruits. The traditional recruitment approaches simply were not working. The Army decided to go to Madison Avenue, and the image below...
March 20, 2020
Herjavec Group Recognized as a Strong Performer on the Forrester Midsize Consulting Wave

Herjavec Group is thrilled to announce our placement on the Forrester Midsize Consulting Wave. We have been recognized as a Strong Performer. Herjavec Group’s strengths in privacy consulting and assessment services (current state, social engineering, pen testing) were called out within the analysis. Herjavec Group also has a proven track record in PCI Compliance as a PCI Qualified Security...
May 30, 2019
WEBINAR: Ask the PCI Dream Team Your Toughest Questions [Part 6]

Join Herjavec Group's David Mundhenk, a member of the PCI Dream Team, along with Ben Rothke, Arthur Cooper, and Jeff Hall, for an interactive Q&A session for answers to some of your most vexing PCI questions. With hundreds of different requirements, the various Payment Card Industry (PCI) standards can be overwhelming. While the PCI Security Standards Council has provided lots...
April 1, 2019
WEBINAR: Convergence of Privacy & Cybersecurity with FeRoot Privacy

As the number of privacy and data protection regulations increases, the line between privacy and cybersecurity continues to blur. GDPR, CCPA, HIPAA, GLBA, PIPEDA, FIPPA… many global enterprises are expected to comply with these regulations and maintain compliance moving forward. Organizations are now spending valuable resources duplicating efforts between privacy and cybersecurity, competing for the same budgets and developing inconsistent messaging...
WEBINAR: Convergence of Cybersecurity & Privacy with FeRoot Privacy

Join Herjavec Group's Tabitha Gallo and FeRoot Privacy's Ivan Tsarynny for a webinar on the convergence of cybersecurity and privacy. The number of privacy and data regulations is continually on the rise. What’s more, many of these new privacy requirements overlap directly with the fundamental mandate of cybersecurity: to identify assets, evaluate risks and threats to those assets, to ensure...
March 4, 2019
PCI DSS 3.2.1: What Your Business Needs To Know

Herjavec Group Contributor: David Mundhenk, CISSP, PCI QSA, PCIP. The Payment Card Industry Data Security Standard (PCI DSS) is a worldwide standard, published and maintained by the PCI Security Standards Council (SSC). It is endorsed and enforced by all major credit card brands and their approved acquirers, and is intended to protect cardholder data wherever it is processed, stored, or...
June 29, 2018
Cybersecurity CEO: What Keeps Chief Information Security Officers Up At Night?

Accountability to the boardroom tops the list of late night worries. Los Angeles, Calif. – June 18, 2018. Getting a good night’s sleep has become increasingly difficult for CISOs. The way I see it, there are 3 clear reasons for this and they all center around RISK. After all, aren’t we as Cybersecurity Professionals all in the RISK business? I...
June 14, 2018