Risk3sixty Responds to PCI DSS 4.0 Transition with Significant…

News Image

There are important opportunities to reduce the burdens traditionally associated with a PCI DSS audit. We think we are in a unique position to leverage this transition to help clients accomplish both.

Risk3sixty, a PCI QSA firm that helps high-growth technology companies assess, build and manage security, privacy and compliance programs, today announced important investments they are making in leadership, their platform Phalanx GRC, and new methodologies to help clients navigate the transition from PCI DSS version 3.2.1 to PCI DSS version 4.0. The transition to PCI DSS version 4.0 marks the most extensive change to the standard in more than a decade and could change the way many organizations approach achieving certification against the standard.

“We know that the transition to PCI DSS 4.0 will be a significant challenge for organizations, so we wanted to bring in a talented leader, Christopher Donaldson, to help enhance our capabilities and better serve our clients,” said risk3sixty CEO and Co-Founder Christian Hyatt.

Donaldson is a noted authority in compliance, with technical expertise across all areas of security as it relates to data confidentiality. He possesses specific competencies in network security, data protection, and governance, risk and compliance (GRC). He has led numerous complex engagements leading organizations on their journey to PCI DSS compliance.

In addition to expanding their PCI DSS leadership team, risk3sixty has also made significant investments in technology to help make PCI DSS certification easier for their clients.

“Over the last 5 years we have built Phalanx GRC, the platform that helps our clients navigate frameworks like SOC 2, ISO 27001, and PCI DSS. We take the complexity of these frameworks and translate it into easy-to-follow steps in language people can more easily understand,” said risk3sixty President Christian White, who is also a co-founder of the company. “Phalanx GRC will help significantly reduce the efforts to achieve certification and maintain compliance over time as it helps interpret the standard and has fantastic capabilities to support gathering audit evidence, manage policies, manage risks, and much more. Hundreds of organizations already use Phalanx, so we are very confident in its capabilities.”

PCI DSS version 4.0 includes a number of important changes including new guidance on performing risk assessments as well as an option to adopt customized control. Under Donaldson’s leadership the organization has developed a proven process to help organizations manage the nuances of PCI DSS version 4.0.

“PCI DSS version 4.0 presents an opportunity for organizations to leverage the compliance exercise to significantly reduce their cybersecurity risks,” said Donaldson. “In addition, there are important opportunities to reduce the burdens traditionally associated with a PCI DSS audit. We think we are in a unique position to leverage this transition to help clients accomplish both.”

About risk3sixty

Risk3sixty, an Atlanta-based cyber security consulting company, works with high-growth technology firms to help leadership build, manage and certify security, privacy and compliance programs that underpin public and stakeholder trust yet never hinder business goals. These efforts are propelled by the company’s cybersecurity playbook and expert leadership paired with the powerful security, privacy and compliance platform, Phalanx GRC. The firm has a proven track record of helping accomplish these missions for “unicorns,” high-value clients that have a valuation of $1 Billion or more. To learn more, visit https://risk3sixty.com.

Share article on social media or email:

Time Stamp:

More from Computer Security