Thomas Stoesser

comforte Blog

The Payment Card Industry Security Standards Council (PCI SSC) continues to evolve its flagship data security standard. The latest version encourages complying organizations to move away from traditional, periodic audits to a process of continuous risk management and monitoring. Yet this is only going to get the desired results if ... Read More

The countdown to PCI DSS 4.0 compliance is on. By 31 March 2025, any organization that stores, processes or transmits cardholder data must align themselves with its exacting requirements. It sets a high bar for such organizations, which is only fitting considering what’s at stake, and the current risks posed ... Read More

Supply chain risk is worrying regulators everywhere. That’s why it’s a critical part of both the new EU Digital Operational Resilience Act (DORA) and NIS 2. It’s also a growing concern for the Payment Card Industry Secure Standards Council (PCI SSC), the body behind the industry’s Data Security Standard (PCI ... Read More

It’s almost time. After several years in the making, the long-awaited compliance deadline for the EU Digital Operational Resilience Act (DORA) is finally here. After Friday, January 17, non-compliant organizations serving customers inside the bloc could theoretically be hit with multimillion-euro fines. The repercussions will be felt not just within ... Read More

Emerging technologies offer IT and security leaders an exciting opportunity. With the right investments, they can build solid foundations to drive competitive advantage and sustainable growth. But such investments also carry risk. To better understand how nascent technologies are likely to mature over time, Gartner’s Hype Cycle reports can be ... Read More

Like most businesses, banks are facing a highly competitive future built on digital services. To succeed, they must modernize their IT infrastructure to deliver the experiences that customers now demand, without incurring the wrath of regulators. Yet the wealth of sensitive information managed by financial services firms ensures the sector ... Read More

Customer trust is critical to long-term business success. But it is dramatically undermined when organizations fail to protect their personally identifiable information (PII). One study claims that two-thirds (66%) of US consumers would not trust a previously breached company with their data. And three-quarters (75%) say they’re ready to cut ... Read More

PCI DSS 4.0 is a non-negotiable industry standard for any organization that stores, processes, or transmits cardholder data (CHD) or sensitive authentication data (SAD). But although its requirements are detailed and can be onerous, there are technology solutions available to help streamline the process of compliance, reduce the operational and ... Read More

In a world beset by geopolitical and economic uncertainty, one thing remains inviolable: the onward march of technological innovation. It is the driver of sustainable growth and better business decision making. It promises to uplift worker productivity, generate cost savings, improve process efficiency and transform user experience. But finding the ... Read More

Financial institutions are among the most regulated businesses in the world. That’s understandable given their role in a key critical infrastructure sector and rising threat levels across the industry. It’s why in the EU, the Digital Operational Resilience Act (DORA) will soon take effect, to improve baseline security efforts in ... Read More