RSI Security

Blog

  • The Many Cyber Security Threats To The Financial Sector

    The Many Cyber Security Threats To The Financial Sector

    In today’s society, there are new cybersecurity threats to the financial sector every day. Find out the most common risks for financial institutions here.

    Cybersecurity threats pose a substantial risk to just about every company and individual all over the world. That may sound like hyperbole but according to USA Today, billions of people have been affected by cybersecurity attacks. Financial institutions are particularly at risk due to the massive amount of capital they oversee. Understanding the risks and how to protect yourself are vital in succeeding in the financial world.

    (more…)

  • What Are the 3 HITRUST Implementation Levels?

    What Are the 3 HITRUST Implementation Levels?

    Healthcare is an industry intertwined with our everyday lives. The young and the old alike rely on doctors to keep them healthy and usually, in that pursuit, reveal personal details to their health practitioners. This means consumers put a lot of trust in healthcare companies. 

    But with technology taking over the mundane tasks of healthcare, threat actors target health institutions for that personal information. The Health Information Trust Alliance (HITRUST) is designed to verify privacy and security compliance combat healthcare fraud. In particular, there are three different levels associated with HITRUST controls. 

    Learn about each HITRUST level and why it’s important with our comprehensive guide. 

    (more…)

  • Information Security vs. Cyber Security: Is There a Difference?

    Information Security vs. Cyber Security: Is There a Difference?

    Technology progresses rapidly, and new security tactics are developed with each innovation. Several years ago, the key term for businesses was “information security,” but today cybersecurity tends to garner more attention and research. However, both information and cybersecurity have their respective merits and their similarities.  As an organization, it’s critical that your private info is secured. Learn about the differences between information security vs cybersecurity here. 

    (more…)

  • 5 Cyber Security Threats In The Cannabis Industry

    5 Cyber Security Threats In The Cannabis Industry

    The legal marijuana industry is expected to grow exponentially over the next few years. This is spurred not only by the legalization of recreational marijuana in many states in the US as well as in countries like Canada, but also the growing adoption of cannabis as a pharmaceutical product.

    According to the State of the Legal Cannabis Markets report from BDS Analytics and Arcview Market Research, legal pot sales will hit $40.6 billion in 2024. This represents a 24.5 percent growth over the period 2018 to 2024. 

    The burgeoning cannabis retail industry is, therefore, a prime target for cybercriminals who look to steal valuable and sensitive information ranging from credit card information, trade secrets, and personally identifiable information (PII)

    Aside from the consumer information they store and manage, online cannabis retailers are being targeted because many of them have yet to incorporate cybersecurity practices.  Small to medium-sized online marijuana retailers are also highly vulnerable to cyberattacks because they normally don’t have the resources to hire an IT staff who can implement security measures to mitigate cybersecurity risks. 

    (more…)

  • Network Security Best Practices: A Complete Checklist

    Network Security Best Practices: A Complete Checklist

    The workplace is no longer an environment with stacks of filing boxes or employee mailboxes. Instead, files now speed through the Internet and meetings are held via teleconference. The ease of communication and multi-device compatibility, although convenient, increases the network vulnerability of companies. Understanding how a network operates, the components involved, and common threats will help companies prevent and mitigate future cyber attacks.

    Is your online information secured? Read on to access our network security best practices checklist. 

    (more…)

  • What Are The PCI DSS Compliance Regulations for the Cannabis Industry?

    What Are The PCI DSS Compliance Regulations for the Cannabis Industry?

    The legalization of recreational and medical marijuana in many states and countries around the world has made the global marijuana market one of the fastest-growing industries. According to a recent report by the Grand View Research, Inc., the global legal marijuana market will grow to $66.3 billion by 2025.

    Cannabis is being widely used as a pharmaceutical product. It is said to be effective in treating severe medical conditions like arthritis, cancer, and Parkinson’s disease. This has contributed to the increased demand for medicinal marijuana.

    Moreover, recreational marijuana or the use of cannabis without medical justification is being legalized in many states and countries. In the United States, 11 states and the District of Columbia have legalized the recreational use of cannabis among adults. Countries like Canada, Belize, Jamaica, Argentina, and the Netherlands have also decriminalized the use of marijuana.

    All these developments point to the expansion of the cannabis industry in the years to come. Marijuana dispensaries can maximize their growth potential by complying with the Payment Card Industry Data Security Standard (PCI DSS), an information security standard for payment processing. Cashless ATM or point of sale (POS) banking is considered a viable and important platform for marijuana dispensaries to grow their sales. With POS banking, online cannabis dispensaries can accept purchases from customers who use their credit and debit cards.

    (more…)

  • Cyber Security Data Protection Plan For The Cannabis Industry

    Cyber Security Data Protection Plan For The Cannabis Industry

    The cannabis industry has been booming recently due in part to legalization legislation that has helped to alleviate barriers to market entry. Recent trends tell us that the cannabis marketplace is projected to grow at a staggering rate from $10.3 billion in 2018 to $39.4 billion by 2023. With more and more states opening up their borders for marijuana, many businesses are looking to technology to manage this increase in customers.

    As of November 2018, 10 states have legalized recreational cannabis while 33 have approved it for medical uses. As more states are opening their borders to legal cannabis, business owners are beginning to become more digital in their endeavors thanks to this newfound legalization. But digitization isn’t all good if you don’t have a cybersecurity plan to protect your data.

    Brands that are able to infuse innovative technology into their network infrastructure can use it to analyze and predict valuable consumer trends that will enable them to make critical decisions in the future. Having a cybersecurity plan in place to supplement this type of innovative undertaking is what will help your cannabis business thrive. Let’s look into the specific areas of interest that you should be focusing on when cultivating your cybersecurity plan and which proactive measures you need to take to avoid being a victim of a cyber-attack.

    (more…)

  • What is Service Organization Control (SOC)?

    What is Service Organization Control (SOC)?

    Service Organization Control reports (SOC), in a nutshell, help companies with various aspects of their business. Essentially, these reports outsource different responsibilities within a business, like payroll, medical claims processing, document management and much, much more. Typically, they are aspects of a business that a company or “user entity” is not capable of doing as well as the service organization. It also allows the company or “user entity” to concentrate on other facets of their business. These reports come in various types based on the type of work the user entity does.

    In this article, we’ll discuss the different types of reports in detail, as well as why you might choose one Service Organization Control report over another. To best understand how it works, it’s important to make sense of the system that came before SOC. Prior to the implementation of Service Organization Control, CPAs used a system called SAS 70. 

    (more…)

  • Security Strategies for BYOD in the Workplace

    Security Strategies for BYOD in the Workplace

    As businesses continue to move at the speed of light in every possible direction, employees must be able to keep up with the expectations presented to them. As such, in an attempt to be more lean in their operational efficiencies, many companies are opting to allow employees (from new hires to executives) more flexibility with the types of devices they use in the office. This innovative approach to business takes its form as a Bring Your Own Device (BYOD) in the workplace policy. 

    Although this allows companies the freedom to pivot freely without the need to carry unnecessary overhead expenses at all times, it does come with the tradeoff of leaving holes in your network security. If you don’t take the necessary steps to deter a data breach at any possible point of intrusion, it could spell disaster for your organization in the future. Let’s look closer at what BYOD is all about and how you can limit vulnerabilities and prevent a breach from occurring in the future.

    (more…)

  • What Are SOC 2 Trust Service Principles?

    What Are SOC 2 Trust Service Principles?

    As a business owner, you are always looking for ways to set yourself apart from the competition. It may be that your exceptional service, incredible products, or perhaps low prices that give you that competitive edge. Just as important as all these things are to the success of your business, so is establishing a deep level of trust with your customers. One good way to establish this trust is to become SOC 2 Compliant.

    There are five trust service principles which include:

    • Security
    • Availability
    • Processing integrity
    • Confidentiality
    • Privacy

    (more…)