Alastair Stewart

Senior Consultant at URM

Alastair is one of the most experienced and proficient Payment Card Industry Qualified Security Assessors (PCI QSAs) in the UK.  Having gained a BSc in Computer Security & Forensics while working in IT support, Alastair went on to complete an MSc in Information Management & Security, before gaining his PCI QSA qualification in 2013.  Alastair now has 10 years consultancy experience working with hundreds of organisations of all sizes and from a wide range of market sectors helping them to comply with the Payment Card Industry Data Security Standard (PCI DSS).  As a PCI DSS specialist he has worked with all versions of the Standard from v2.0 onwards and is equally skilled in providing consultancy and assessment services.  Under the consultancy umbrella, Alastair is adept at advising on ways to reduce PCI DSS scope, conducting gap analyses, remediating any areas of non-compliance and transitioning to the latest version of the Standard.  On the assessment front, Alastair has completed in excess of one hundred successful reports on compliance (RoCs) against different PCI DSS versions along with supporting the completion of self-assessment questionnaires (SAQs).

PCI DSS v4.0: Targeted Risk Analysis
PCI DSS v4.0: Forced Password Changes and Zero Trust Architecture
PCI DSS v4.0: Network Security Controls
Common Questions When Preparing to Transition to PCI DSS v4.0
How to Meet Key New PCI DSS 4.0 Requirements
What are the Key New Requirements with PCI DSS 4.0
Pros and Cons of Delaying Your PCI DSS v4.0 Transition
Preparing For a PCI DSS v4.0 Assessment
PCI DSS v4.0 and Multi-Factor Authentication
5 Ways to Reduce Your PCI DSS Scope
PCI DSS: Pros and Cons of Outsourcing
Benefits of PCI DSS Compliance
PCI Policies, Procedures and Evidence – What is expected?
Top 5 common pitfalls of PCI DSS compliance
Preparing for a Report on Compliance (ROC)
What Are the Service Provider Levels
What Are the Merchant Levels
PCI DSS compliance as BAU (business as usual)
Can I Store Cardholder Data?
InfoSec Insider
Season
1
, Episode
5
Alastair Stewart

PCI DSS – New Requirements for E-Commerce

In this episode of InfoSec Insider, Alastair Stewart, Payment Card Industry Qualified Security Assessor (PCI QSA) and Senior Consultant at URM, explores some of the new requirements for e-commerce pages in version 4.0 of the PCI Data Security Standard (PCI DSS), providing valuable advice and guidance on what organisations can do to remain PCI DSS compliant as they transition to v4.0.  Alastair leverages his 10+ years of experience assisting organisations to comply with the PCI DSS to discuss:  

  • What the new requirements are for e-commerce pages in PCI DSS v4.0
  • How organisations can go about meeting the new requirements
  • Which organisations the new requirements for e-commerce pages will and will not be applicable to
  • How challenging it will be for organisations to meet the new requirements
  • Why the new requirements have been introduced
  • Which of the new requirements for e-commerce pages have been added to the self-assessment questionnaires (SAQs) and which SAQs they have been added to.  

Learn more about this topic