The threat of credit card fraud and information theft across the global retail industry has never been more prevalent. PCI compliance, governance and risk management practices are imperative for all organizations interacting with cardholder data.

Herjavec Group is a PCI Qualified Security Assessor (QSA) and Authorized Scanning Vendor (ASV). Our expertise includes the assessment of PCI Data Security Standards (DSS) as well as the implementation or remediation of PCI initiatives.

Certified to Support You 24/7

PCI - Compliant Service Provider

PCI - Qualified Security Assessor

PCI - Authorized Scanning Vendor

Our PCI Compliance Services Include:

  • QSA Report On Compliance On-Site Audits
  • Internal Quarterly Vulnerability Assessments
  • Annual Penetration Self-Assessment
  • Annual Penetration Testing
  • Risk Assessments
  • Questionnaire (SAQ) Preparation and Review
  • PCI Cardholder Data Environment Scoping
  • PCI DSS Controls Gap Analysis
  • Authorized Scanning Vendor Scanning
  • Network Segmentation Designs
  • Remediation Assistance

Accelerate Your PCI Compliance Initiatives with Herjavec Group

  • We offer a hands-on, flexible approach, tailored to meet your organization’s uniqueness and requirements.
  • With comprehensive security expertise in Advisory Services, Identity and Incident Response, we take a holistic approach to your compliance assessment services.
  • We can review your organization’s existing control framework, identifying where you are most vulnerable to cyber threats through penetration tests, social engineering assessments, red-teaming operations, and more.
  • Our cyber experts contribute to the Payment Card Industry Data Security Standards, providing insight on PCI DSS evolutions and revisions. We offer thought leadership through webinars, blogs, and at PCI DSS events.
  • We have decades of experience in Payment Card Industry (PCI) compliance, risk and security frameworks (ISO, NIST), and expertise in emerging privacy domains like GDPR.
  • We’ve been recognized industry-wide as a cybersecurity expert – #4 on MSSP Alert’s Top 250 MSSPs, IDC Security Services Leader and Security Company of the Year from Cyber Defense Magazine.

“We have utilized Herjavec Group as our PCI-DSS assessment for two years now and we continue to be impressed by the breadth of knowledge and experience that Herjavec Group brings to the table. Our experience with the organization continues to be positive and we see them as a valued partner.”

– Senior Manager, Security Risk and Governance,
American Tire Distributors

Customer Success

Customer Success Story

Payment Processor Supporting Billions of Transactions Per Year

Challenges Addressed:

  • PCI DSS compliance
  • Tight timelines
  • Lack of internal resources

Services Leveraged:

  • Compliance consulting
  • PCI audit

How We Delivered

  • Ability to navigate the client’s highly complex environment:
    • 2 data centers, 3 offices, 3 call centers, over 1000 systems
  • Leveraged two internal teams to provide the consulting service and onsite audit within 2 months
  • Helped the client build a stronger control framework internally to facilitate a smoother and successful audit the following year

Check Out Our Latest PCI Compliance Blog Posts

Ecommerce Retailers: It’s Time to Update to Magento v2.3

Contributed by David Mundhenk, Principal Security Consultant at Herjavec Group...


2 Years Later: How Has GDPR Impacted Your Business?

In May 2018, the European Union (EU) enacted a privacy...


Medium: When Shakespeare Ponders the PCI DSS Requirement to be Onsite

Contributed by: Ben Rothke joins his longtime coauthor David Mundhenk,...


WEBINAR: Ask the PCI Dream Team Your Toughest Questions [Part 8]

On January 14, the PCI Dream Team hosted an interactive...
