Compared to other security standards such as ISO 27001, PCI DSS is often considered a prescriptive standard because of its list of mandatory controls which an organization has to implement. Unfortunately, “ticking” the compliance box for any given control does not necessarily mean that the control is effective or that information is securely managed. Achieving compliance with PCI DSS requires a diverse set of competences beyond just the ability to implement security controls. An organization must be able to minimize information exposure and opportunities for a breach through network and system re-design, process re-engineering, and choosing and deploying complex technologies. Most organizations often engage directly with a PCI DSS QSA and go through a repeated set of audits until they “get it right”. Unfortunately, such an approach leaves the organization with little or no guidance towards achieving compliance with PCI DSS, and it usually results in a long and costly certification process.

Silensec can help an organization achieve compliance with PCI DSS by:

    • Defining a suitable scope of compliance

    • Managing the implementation of security controls

    • Assisting in the development of security processes

    • Assisting in the selection and deployment of advanced technologies

    • Liaising with the QSA and managing the PCI DSS Certification process

