Do your clients know their cardholder data environment?

by Jason McWhirr, Information Security Consultant One of the most important (and underused) first steps for any business or service provider when undertaking PCI DSS is to understand how cardholder data is used within their organisation, its people, departments, and systems. Without first knowing this, it is impossible to know which parts of their organisation […]