PCI Compliance

Helping businesses understand obligations with PCI DSS

PCI DSS compliance has been with us for several years and many organizations still treat it as an annual event rather than a process that needs to be continuously maintained throughout the year. Dealing with PCI compliance as an annual standalone project means incurring unnecessary costs and taking resources and budget away from other projects. The failure of many projects is due to poor advice and inability to scope the project, and the lack of internal resource to manage a PCI DSS compliance program.

As a PCI-approved assessor and scanning vendor, our experienced team has hundreds of PCI DSS compliance programs under its belt. We’ll help you to identify gaps in processes, review and suggest practical remediation solutions and provide additional resource if you have limited staff to do the work in house.

We offer a one-stop shop for a full range of PCI DSS services from pen testing, vulnerability scanning and QSA audit support, through to planning and scoping a PCI compliance program.

RIGHT PCI DSS PARTNER

Why Cyber Knight Is for You

We have been helping organizations meet PCI requirements for years. Our focus is on making sure clients understand PCI data security standards and how to best implement them in a given environment. Cyber Knight’s compliance experts find a balance of risk and security that meets the objectives of each organization. The balance allows organizations to perform at an optimal level while establishing security and regulatory compliance.

COMMON PCI DSS QUESTIONS

If you are asking some of the following questions, but aren’t sure of the answers, contact Cyber Knight to gain a complete understanding of your responsibilities.

  • Are we considered a merchant, card processor, or issuer?
  • Which level of compliance are we required to meet based on our annual card transaction volume?
  • What version of the Self-Assessment Questionnaire (SAQ) should we file: A, A-EP, B, B-IP, C, C-VT, or D?
  • If a required control is too costly or burdensome, are there alternative options we can consider?
  • Are we collecting the proper evidence that sufficient controls are in place and operating effectively?
  • Can we store any of the full track (magnetic stripe) data?
  • What happens if we complete the certification but still have a breach?