Today, Sysnet Global Solutions a leading provider of cyber security and compliance solutions to the payments industry, announced that it has partnered with Elavon Merchant Services to develop Secured Pro; a managed PCI compliance validation and cyber security service that offers enhanced protection against fraud and payment security breaches. “A new approach to compliance […]
The recent global ransomware attack, referred to as ‘WannaCry’, that resulted in over 45,000 attacks and infected major companies, hospitals and other government institutions, unfortunately caught many off guard. WannaCry targeted computers running Windows operating systems that had not been updated with a security update released by Microsoft in March 2017, as well as computers […]
By Peter Burgess, PCI-QSA, CISSP, CISM (Ret), CIPT US based travel industry company Sabre Hospitality Solutions, which provides SaaS (Software as a Service) to more than 36,000 properties, has alerted hotels that a hacker has apparently breached its SynXis Central Reservations application SynXis Enterprise Platform and may have stolen payment card data and customer personal […]
By Paul Prior, Senior Vice President Client Engagement As recently reported (BBC, CNBC), MasterCard have just released a payment card with an in-built fingerprint sensor. There is no question that the introduction of EMV has had a significant impact on driving down card-present fraud and while fingerprint scanners are not foolproof this type of biometric authentication […]
April 27th, 2017, Dublin, Ireland. Patrick Condren, Chief Information Officer at Sysnet Global Solutions was recently acknowledged in publication Business & Finance as part of the magazines CIO 100 edition. The CIO 100 recognises the top 100 chief information officers who are the key contributors to formulating organisational goals. As mentioned in the article, […]
Requirement 11.2.2 of the Payment Card Industry Data Security Standard, otherwise known as the ASV scanning requirement, affects a significant number of businesses. These businesses need to engage an Approved Scanning Vendor (ASV to run external vulnerability scans quarterly. It can be difficult for these companies to understand what ASV external vulnerability scanning is, what […]
By Natasja Bolton, Acquirer Support Manager Mobile Payments, a broad term covering consumer and merchant-initiated mobile payment methods, have been gaining acceptance in the market place; however, have these methods achieved broad acceptance with consumers and businesses alike? In our article ‘State of Pay – have mobile payments reached a turning point?’ we explored […]
Most businesses have to comply with multiple information security related standards and regulations. In our experience the average is 3. These can include but are not limited to PCI DSS, GDPR, ISO 2700, Sarbanes Oxley, HIPAA, Cyber Essentials, POPI and even audits by clients.
The EU’s General Data Protection Regulation, or GDPR for short, will come into force across all EU Member States from 25th May 2018. GDPR will affect the processing and movement of the personal data of approximately 500 million citizens.
Online commerce has created incredible new opportunities for businesses to market and sell services globally. Many businesses, in particular small to medium ones, often do not consider that they could be targeted by cyber crime. The reality, unfortunately is that small to medium businesses are now very much being targeted by cyber criminals as many […]
Dublin, Ireland / Cape Town, South Africa. Sysnet Global Solutions, a leading provider of cyber security and compliance solutions, today launched its Combined Assessment Model at the PCI Security Standards Council’s Middle East and Africa Forum in Cape Town, South Africa. Sysnet’s Combined Assessment Model (CAM) is a single assessment model that covers many standards. It […]
On March 9th, we officially launched our new US Customer Contact Centre in Atlanta, Georgia. Both Commissioner Pat Wilson of the Georgia Department of Economic Development and Gabriel Moynagh, CEO at Sysnet cut the ribbon to officially launch the opening of the new centre. The launch proved to be a great success and was attended […]
End-to-End Encryption (E2EE) and Point-To-Point Encryption (P2PE), are the two main ways that payment card data is protected when a transaction is made at a Point-of-Sale (POS) terminal. Both encryption methods have their pros and cons, however what those differences are and understanding the impact on a business of choosing one over the other can […]
March 9th, 2017, Dublin, Ireland / Atlanta, Georgia. Today, Commissioner Pat Wilson of the Georgia Department of Economic Development officially opened Sysnet’s new customer contact centre located at 1001 Perimeter Summit Boulevard. Sysnet Global Solutions is a leading provider of cyber security and compliance solutions to the payments industry. The new centre will provide services […]
In May last year, in advance of the introduction of the PCI DSS v3.2 SAQs (Self-Assessment Questionnaires) we created a downloadable fact sheet to explain in detail the impact of the updated Standard on the SAQ types.
In December, Visa published a Security Alert warning of an increasing fraud threat, as the U.S. EMV migration continues, from “criminals placing skimming devices on or in attended and unattended point-of–sale (POS) devices for the purpose of collecting payment card information, including PIN numbers”.
Information Security is complex. Understanding risk and implementing appropriate mitigating controls, be they technical or otherwise, is a challenge for organisations of any size. There is no getting away from that, but witchcraft?
With its expanded content, fully revised diagrams of the e-commerce implementation methods and inclusion of case studies the 2017 guidance is a useful reference for merchants and services providers alike.
By Natasja Bolton, Senior Acquirer Support QSA Steps to protect small businesses from this year’s security threats As 2017 rolls out, we continue to explore the security threats and cyber-attacks expected to feature this year. Following on from part 1 which can be read here, in part 2 we examine other risks such […]
Conducting an outreach campaign can be tricky to get right as well as resource heavy. Responding to market conditions while also proactively engaging your customers through their preferred channels can be difficult to achieve successfully. It can make sense to outsource, however often providers are not specialised or experienced enough in conducting an outreach security and compliance […]
By Natasja Bolton, Senior Acquirer Support QSA Steps to protect small businesses from this year’s security threats This week we explore some of the security threats and cyber-attacks expected to feature in 2017. As these risks could impact your small business customers we highlight actions that businesses can take to protect themselves, so […]
Jan 12th, 2017, Dublin, Ireland / Atlanta, Georgia – Gov. Nathan Deal today announced that Sysnet Global Solutions, a leading provider of cyber security and compliance solutions to the payments industry, will create more than 500 jobs and invest $2 million in an U.S. Contact Center in DeKalb County.
With 2017 having only commenced and with many businesses planning for the year ahead, it can be an ideal time to reach out to your customers. The most successful approach is via a multi-channel campaign. If your organisation is planning such a campaign then Sysnet can help. We have the experience and expertise to make it […]
By Natasja Bolton, Senior Acquirer Support QSA Since the earliest iterations of the PCI DSS, the standard has included the requirement for scoping and has referenced network segmentation as a method of reducing the scope, cost and difficulty of a PCI DSS assessment. For just as long organisations, QSAs and ISAs have been seeking further guidance […]
Sysnet provides qualified assessment of Ecentric Payment Systems’ Decryption Environment component against P2PE V2
Another Global First Dublin – Ireland, Cape Town – South Africa Sysnet Global Solutions today announced that it is the first organisation, globally, to provide qualified assessment for a P2PE version 2 Decryption Management Service. Ecentric Payment Systems, one of South Africa’s preferred payment processors, has been listed as a decryption provider component against […]
The PCI Council recently published a supplement document entitled ‘Guidance for PCI DSS Scoping and Network Segmentation’. The driver for the new guidance document was in response to common questions received from industry stakeholders on scoping and segmentation. The methods outlined within the guidance were formed in collaboration with the council’s board of advisors and […]
The PCI DSS v3.2 Self-Assessment Questionnaires requires that all merchants have an Incident Response Plan, regardless of their size, volume of transactions or the extent to which they have outsourced the handling of payment card data. This is to make sure they can respond effectively in the event of a breach that could impact payment […]
by Leon van Aswegen, Senior Consulting Manager In the last two years, the PCI P2PE Standard has gained in popularity amongst Acquirers, Solution Providers, Merchants and their assessing QSAs. This is because PCI P2PE Solutions provide independently assured protection for account data from the point of capture, reducing where and how PCI DSS requirements […]
Version 2 of the Payment Application Data Security Standard (PA-DSS) was retired on the 28th October 2016. In the article, ‘Updated: Payment Application Data Security Standard (PA-DSS)’, we discussed what the impacts of the latest version of PA-DSS, version 3.2 were. In this follow up article we explore the impact of continued use of PA-DSS […]
With the major holiday season just around the corner, many retail businesses are gearing up for the shopping frenzy to commence. Increasingly customers are turning to online shopping to avoid queues and to bag a bargain. Therefore it is essential that online retailers are prepared to service the high customer demand. Unfortunately for retailers, cyber […]
The deadline for the Visa security program’s new annual compliance requirement for Level 4 merchants is getting closer. Starting from January 31st 2017 all US and Canadian acquired Level 4 merchants are required to validate their compliance with the Payment Card Industry Data Security Standard (PCI DSS) yearly. Or if eligible, the merchants must be […]
At Sysnet we believe that the industry should take a different direction. Replace the non-compliance fee with compliance and security value-added services. By doing so, it will make compliance and security services easier to consume for businesses. Whiles for organisations, they can achieve their objectives of reducing risk without damaging customer relationships. In […]
The end of October marked the one year anniversary of EMV. As expected there have been a few highs and lows during this time. The transformation has overall been successful with fraud largely dropping and consumer adaptation at a high, however small to medium businesses still have a way to go in relation to getting […]
By Natasja Bolton, Senior Acquirer Support QSA In our previous articles on the progress of the EMV deployment in the U.S. we noted that EMV was expected to drive criminals away from Card Present counterfeit card fraud to Card Not Present (CNP) fraud. CNP fraud has indeed proliferated in the U.S. since the October […]
In a previous article, written by Sysnet’s Paul Prior, Paul mentioned how he believed that a change was necessary in the industry. A move away from using non-compliance fees as a mechanism to drive engagement and compliance. He highlighted that most of Sysnet’s clients are evangelising the importance of PCI DSS, however not in […]
Small to medium businesses can find it a struggle to navigate security and compliance standards such as PCI DSS. Therefore resources that can make the process that little bit easier and less complicated are often received very positively. Helpful assistance This is why we provide a download-able information security policy template for our […]
By Paul Prior, Senior Vice President Client Engagement In light of the upcoming US presidential election, it occurred to me that it would be fun (and worthwhile) to reflect on a previous campaign message from a different Clinton in the context of our business. In 1992, James Carville was the campaign strategist for Bill Clinton who […]
Non-compliance fees are viewed by many as an acceptable short-term solution to a merchant’s unwillingness to engage with a compliance program. However, often despite the best efforts by acquirers, some merchants continue to remain disengaged. So when a merchant ignores notifications regarding their non-compliance status and the application of non-compliance fees, it may be time […]
By Natasja Bolton, Acquirer Support Manager The General Data Protection Regulation, or GDPR for short, will affect the processing and movement of the personal data of the approximately 500 million citizens populating the EU Member States. The new legislation will apply across all EU Member States from 25th May 2018. Furthermore, the GDPR has […]