Orange Cyberdefense achieves PCI Qualified Security Assessor certification

London, UK – 20 February 2024 – Orange Cyberdefense, a European leader in cybersecurity services, has been certified as a Qualified Security Assessor (QSA) by the Payment Card Industry (PCI) Security Standards Council. This certification means that Orange Cyberdefense can validate organisations’ adherence to the PCI Data Security Standard (PCI DSS) across Europe.

PCI DSS v4.0 becomes mandatory in March 2024 with significant updates to the set of principles designed to protect global payment systems. It is the standard adhered to by every organisation that processes card payments to protect customer payment data worldwide.

As a QSA, Orange Cyberdefense can work with businesses to ensure they align with the PCI DSS framework and can support the security requirements outlined. PCI DSS v4.0 includes 64 new requirements, some of which may be difficult for organisations to fulfil independently, including having a 24x7 Security Operations Centre (SOC) and website script monitoring. As a leading managed security services provider with 3,000 experts and 32 SOCs around the world, Orange Cyberdefense is well-placed to support clients through the entire compliance process.

The company is already a PCI Approved Scanning Vendor (ASV), which enables it to conduct external vulnerability scanning services to validate adherence with PCI DSS security testing requirements including web applications, network vulnerabilities and penetrating testing. As a QSA and ASV, it can now conduct both the scanning and certification needed to adhere to the PCI DSS. With its portfolio of services that cover every requirement of the standard, Orange Cyberdefense is now a one-stop shop for compliance.

Richard Lindsay, Senior Advisory Consultant and PCI QSA at Orange Cyberdefense, said, “Valuable personal financial data is attractive to cybercriminals who are using more advanced attack methods every day, and it also remains vulnerable to insider threats. We’re proud to be one of the few companies worldwide that combine certified PCI QSA and ASV services, with a managed security portfolio to address all compliance needs. This combination enables us to support businesses through the entire compliance process and be the trusted advisor at their side as they identify and implement the changes needed to ensure security.”