PCI DSS and I
Your company obtained PCI compliance. It could have been a journey which ended with a QSA audit, a self-assessment; or, as I saw in some cases, forsaken the PCI crown and decided to “eat” the risk.
So, What now?
Small and large organizations with PCI obligations have more than a Cardholder Data Environment (CDE) to worry about. There are always cyber security concerns involving systems availability, reputation, and also sensitive data concerns around Personally Identifiable Information (PII), healthcare related data, Intellectual Property (IP), regulatory requirements etc.