What is ISO 90003?


It’s not always the case that software development companies worry about quality assurance to such a degree that they consider it a matter of compliance. And yet, enterprises building critical software in heavily regulated environments or industries understand very well that quality assurance is part of the business. This is why the International Organization for Standardization (ISO) published the 9000 series, including ISO 90003, for quality assurance in software. 

Here, we break down some of the basic principles of Quality Management Systems and why you might consider compliance for your software development projects. 

 


What Are PCI DSS Future-Dated Requirements?


The good news? PCI DSS 4.0 is out, and the adoption schedule for the new standard is quite generous. The better news? The PCI Security Council has decided to implement a tiered approach to adoption. The first tier will be finalized when the previous version (3.2.1) is officially retired in 2024. The second tier, known as the “future-dated” requirements, will have an additional year.

This article will cover the future-dated requirements from PCI DSS version 4.0.

 


What Is the NISTIR 8374 Ransomware Report?


Ransomware is one of the most significant security threats and perhaps one of the most recognizable threats in modern cybersecurity. These attacks cost businesses millions of dollars and can result in the loss of massive volumes of mission-critical information that supports business operations, national infrastructure, or government agencies. As part of the Cybersecurity Framework, the National Institute of Standards and Technology has released a new internal report known as the “Ransomware Report” (NISTIR 8374) to aid agencies and companies in resisting these threats. 
