What the Goals of the PCI DSS Compliance Checklist Are, and Why They Matter

    Any business that stores, transmits, or processes payment card data has a responsibility to ensure that those transactions are secure. The Payment Card Industry Data Security Standard (PCI DSS) has a path for that.

    The PCI DSS sets out 12 high-level requirements known as the PCI compliance checklist. These requirements apply to merchants of all sizes that accept consumer credit and debit cards. At its core, the PCI compliance checklist is designed to protect consumer card data from fraud and data breaches. Although the requirements mandated by PCI DSS are not law, there are hefty fees and fines for non-compliance.

    Developing an Insider Threat Detection Program

    If you were to just listen to the news, you would think that an organization only has to worry about hackers, malware, DDoS, and ransomware attacks. While the biggest threats commonly come from outside cyberattacks, these are not the only concerns a company faces. Companies need to recognize the other significant threat posed to an organization's critical assets: malicious and non-malicious insiders.

    7 Most Commonly Asked PCI Compliance Questions

    Ignorance is not an excuse for failing a PCI DSS audit or, worse yet, being victimized by a data breach. The Payment Card Industry Data Security Standard (PCI DSS) clearly defines responsibilities and guidelines for protecting sensitive information such as credit card numbers.

    Personally Identifiable Information: What You Need to Know About Keeping It Safe

    Media accounts of the theft of personally identifiable information by hackers seem to keep coming like a two-mile-long train—there just seems to be no end in sight.

    That’s because cyberthieves stand to make enormous amounts of money selling personal data in bulk on the black market.

    Penetration Testing vs Vulnerability Scanning—Knowing the Differences

    Understanding penetration testing versus vulnerability scanning and using them both properly will help your organization identify cybersecurity weaknesses and determine how likely they are to be exploited.

    The average organization experienced more than 53,000 security incidents that compromised the integrity, confidentiality, or availability of information assets between November 2016 and October 2017, according to the 2018 Verizon Data Breach Investigations Report. Researchers confirmed 2,216 data breaches in which information was exposed to an unauthorized party during that same period.

    Healthcare Cybersecurity Attacks Could Cost More Than Just Stolen Data

    In an age of ever-increasing cybercriminal activity, the healthcare industry continues to lag behind other industries in cybersecurity preparedness. This lack of attention to cybersecurity has hurt the industry in terms of stolen data, massive fines, and loss of consumer confidence.

    PCI DSS: Industry High-Bar or Your IT Security Starting Gate?

    Let’s make a quick distinction: maintaining PCI DSS compliance isn’t the same as maintaining the security of payment card data. Though complying with the Payment Card Industry Data Security Standard (PCI DSS) will help you protect sensitive information, it may not prevent a data breach.

    Why You Need a SOC 2 Readiness Assessment

    Ensuring network security can be a very expensive game of cat and mouse for organizations. The truth is that securing your organization’s network infrastructure from hackers and other bad actors requires that you keep one step ahead.

    Beyond the embarrassment of losing sensitive customer data, there’s a steep price tag associated with today’s breaches. The larger your organization, the more records are at risk and the higher the financial cost of recovering from a cyberattack.

    Ransomware: 6 IT Security Best Practices You Need

    To say ransomware is ubiquitous is an understatement. Between 2016 and 2017, emails infected with ransomware increased by 6,000 percent and 100 new malware families were discovered.

    There appears to be no end to this epidemic. As long as there are strong financial incentives to exploit the enterprise IT environment, new variants of these attack vectors will continue to pop up. It’s likely that an attack on your organization’s network will occur soon if it hasn’t already, but there are some actions you can take to make your organization less susceptible to a ransomware attack.

    5 Ways You Could Derail Your SOC 2 Audit

    A clean SOC 2 audit report assures customers that their data is secure with your organization. But failing to pass a SOC 2 audit, or receiving a qualified report, can scare customers away.

    The difference between maintaining customers or losing them depends on whether you comply with the Service Organization Controls (SOC) set by the American Institute of Certified Public Accountants (AICPA).
