At the end of 2016, SWIFT introduced a new Customer Security Program, which also includes the SWIFT Customer Security Controls Framework (CSCF). Last August, SWIFT announced a new version of the SWIFT CSCF in response to the growing number of cyberattacks on SWIFT infrastructure, causing billions in financial losses. Member institutions are expected to comply with these new controls and attest to the mandatory controls at the end of 2019. The latest version promotes some advisory controls to mandatory controls and introduces new advisory controls.Read more »
PCI DSS requires covered companies to not only be 100 percent compliant, but to also maintain that posture continuously. The Interim report on compliance (iRoc) is a measure of the state of compliance and efficacy of PCI controls in between assessments – and is a good proxy for measuring an organization’s ability to maintain a continuous state of 100 percent PCI compliance. Verizon’s 2018 Payment Security Report finds that an increasing number of merchants are 100 percent compliant, growing from 11.2 percent of the covered merchants in 2012 to 52.5 percent in 2017.
Read more »