Blog

  • How often should you audit your cyber security?

    Cyber security compliance audits are an integral part of securing your networks and systems from data theft or other types of cybercrime attacks. Audits are a process through which your information security policy, framework, and implementation are checked and tested to ensure that they meet the standards for compliance. In this article, we'll go into greater detail on why audits are an important part of maintaining compliance, and how frequently you should be conducting them.

  • What is PCI administrative access?

    Your organization may feel as though it's ready to be PCI DSS compliant, but do you really understand the complexities that come with this undertaking? The multitude of short- and long-term intricacies that your business must adhere to is mind-boggling. Are you truly ready to take the blue pill and fall down that rabbit hole for your company’s foreseeable future? Well, if you want to keep accepting credit cards at your point of sale (POS), you’re going to need to do more than just cram before your required PCI compliance scans. When 45% of businesses continue to take card payments even though they fail to comply with payment security regulations, you don’t want to become another data breach statistic. To fully grasp the density of requirements surrounding PCI compliance, follow us down the tunnel where we will detail the 4 levels of PCI compliance and the usefulness of PCI administrative access.

  • Can card verification codes be stored for recurring autopay transactions?

    Life in 2018 is busy. I know, I'm right in the thick of it. The thing that just nags the most? Bills. Call me crazy, but I still make payments manually on a regular basis. Then there are some payments I just leave to the autopay overlords. As much as I like being in control, there's something satisfying about having that bill paid on its own. A small amount of pressure swept away from a busy life.

  • Consequences of Not Maintaining PCI Compliance

    Why must a payment card processing entity comply with PCI DSS Standard?

    Before we answer the question above, let's take a look at the means and motives for a threat actor to act maliciously against any business. The most common motives are money, business records and sensitive data, design plans, business plans, medical records, legal records, business reputation and others.

  • Who Must Comply with PCI standards?

    Staying on top of the latest in rules and regulations as a business owner is of paramount importance to the long-term viability of your organization. You know it is, yet you find that you become a deer in the headlights when tasked with needing to be compliant when accepting credit card transactions. Where do you start? Do you really need to be compliant? What happens if you're not compliant? Thankfully, this article is your one-stop shop for the answer to these questions and a myriad of others you may have regarding PCI (Payment Card Industry) DSS (Data Security Standard) compliance. Dive into the topic in greater detail by absorbing this guide that investigates current and future PCI DSS cardholder regulations and requirements, who they apply to, and what you can do to keep your clients' cardholder data safe from the constant threat of data breaches.

  • GDPR Compliance – An essential guide to personal data security

    In this age of digital transformation, the upcoming EU General Data Protection Regulation (GDPR) sets a new bar for privacy rights, security, and compliance.

  • SamSam shows up again with a ransom note

    Last week, the Colorado Department of Transportation was hit with the SamSam ransomware, forcing it to shut down 2000 computers across its system. Believed to be a new variant of the previous SamSam ransomware, according to Talos Intelligence at Cisco, this ransomware has been observed across multiple industries including Government, Healthcare and ICS. These attacks do not appear to be highly targeted, and appear to be more opportunistic in nature. As we all know, ransomware like this can cripple critical systems, such as those in healthcare services, impacting patients across the world.

  • International Bank Cyber Heist via SWIFT…again…

    India's City Union Bank, a small private lender, said on Feb 18, 2018 that cyber criminals had hacked its systems and transferred nearly $2 million through three unauthorized remittances to lenders overseas via the SWIFT financial platform. Chief Executive Officer N. Kamakodi called it a conspiracy involving multiple countries, and added the lender was still investigating how it had happened. The bank had discovered the three fraudulent remittances, which were sent via correspondent banks to accounts in Dubai, Turkey and China.

  • Cyber attacks at the 2018 PyeongChang Winter Olympics

    A cyberattack paralyzed internet networks at the opening ceremony of the 2018 Pyeongchang Winter Olympics. Several U.S. cybersecurity firms have uncovered a computer virus named Olympic Destroyer that was likely used in an attack.

  • Blockchain and You – A primer on the underlying technology that makes Bitcoin possible

    Intro

    Given the media attention on Bitcoin's daily value gyrations, it's easy to be distracted away from the technology that makes the cryptocurrency (and its ilk) possible. Today's blog isn't to debate the true value or future of Bitcoin, but rather to examine Blockchain, the protocol that enables Bitcoin's currency sovereignty, along with a host of other possible applications.
