35 Vendor Cybersecurity Regulations

DOI: 10.4324/9781003052616-45

I believe we will all be responsible for our own security—no vendor, service provider, or even government entity will save us.

Sean Martin, Founder ITPS Magazine Podcast

Regulations requiring vendor cyber risk programs

The PCI security council

The PCI Security Council (PCI SC) was formed in 2004 by the major card brands, including American Express, JCB, Visa, Mastercard, and Discover, to protect cardholder data. Its requirements apply to merchants, acquiring banks, and data processors. Data processors are typically third parties; however, each of these three has first- and third-party relationships.

The PCI SC is one of the earliest governing bodies to have vendor cybersecurity requirements. ...
