Regardless of how robust an organization’s cybersecurity defenses are, cyber threat actors employing social engineering attacks remain a substantial threat. Unlike technologically-focused attacks that exploit vulnerabilities in an organization’s networks or the overall IT infrastructure, social engineering attacks leverage human psychology to gain network access. Phishing represents the most common form of social engineering attack.
-

The Importance of a Cybersecurity Risk Assessment
Improving an organization’s brand starts with the reliability and availability of its services. Whether individuals or other organizations, customers want to ensure that services are delivered and processes executed consistently. A risk assessment matters to a business because it identifies vulnerabilities that may threaten these regular operations and, as a result, the organization’s reputation. Risk assessments improve overall cyber defense posture, help protect endpoint devices, and minimize potential damage from specific threats.
-

PCI DSS Best Practices for Compliance
Any organization that handles cardholder data (CHD) is required to follow the Data Security Standards (DSS) established by the Payment Card Industry (PCI). These rules and regulations play a critical role in protecting networks and CHD environments (CDE) from internal and external threats alike. However, their effectiveness can depend on your staff following a few PCI DSS best practices.
-

How Does Email Endpoint Scanning Work? Endpoint Email Security 101
Email is the primary internal and external communication method for most organizations. Unfortunately, it also presents a significant security risk. As such, the various email vulnerabilities must be accounted for in your organization’s holistic cybersecurity strategy. Email security packages and plugins exist on a sliding scale—from a basic, built-in spam filter to heavy encryption. One of the most valuable of these to consider is email endpoint scanning.
-

How and Why DoD Contractors Must Protect Covered Defense Information
The federal government utilizes contractors to provide routine services and products to achieve the nation’s missions and conduct operations. During the course of business, the government shares sensitive information with federal contractors, which is then stored, processed, and transmitted via information systems. Department of Defense (DoD) contractors must abide by Defense Federal Acquisition Regulation Supplement (DFARS) requirements for protecting Covered Defense Information (CDI), which is directly related to national security.
-

Largest Ransomware Attacks 2021
2021 has brought with it a record number of ransomware attacks. In this piece, we’ll discuss the most significant ransomware attacks 2021 has seen so far and how your organization can avoid being the next cyber-victim.
-

How Non-Disclosure Agreement Risks Factor into EU GDPR Compliance
The European Union’s (EU) General Data Protection Regulation (GDPR) enumerated individuals’ data privacy and protection rights, established regulations for organizations to comply with, and introduced sweeping operational changes. Any US-based organization that interacts with or processes data belonging to citizens of EU member states must comply with the GDPR.
-

Who Enforces CCPA Compliance?
The California Consumer Privacy Act (CCPA) took effect on July 1, 2020, providing state residents with the most comprehensive data privacy protections in the US. Comparable to the EU’s GDPR, the CCPA specifies individuals’ rights regarding companies collecting, using, and storing their personal data.
-

What Are the PCI Merchant Level Requirements?
Companies that process credit card payments must comply with the Payment Card Industry (PCI) Data Security Standard (DSS). Two essential questions for all organizations seeking PCI compliance are: what is merchant PCI compliance, and what does it require? Below, we answer these and other questions about PCI merchant level requirements applicable to your business.
-

What is the HITRUST Threat Catalogue?
Organizations in any industry can benefit from threat intelligence, or information that helps identify, analyze, categorize, and ultimately mitigate cybersecurity threats. The HITRUST threat catalogue, a publication of the HITRUST Alliance, is designed with these aims in mind. It breaks down the most common and dangerous kinds of threats into manageable categories, so that an organization can swiftly determine how to address a given threat before it becomes a full event.
