Vulnerabilities in the AWS IoT Platform You Should Know About

    There is no denying that Amazon Web Services (AWS) is a popular choice among companies these days. Businesses like to store their data and run their operations through AWS because of the convenience and performance that its cloud-based storage and services provide.

    Read More

    Beware a Hacker's Precision Strike in Your Cloud Environment

    So, you think your data is safe because you stored it “in the cloud”? If your company is amongst a majority of businesses who decide to transfer to the cloud, you might be wondering if you should still be concerned about secure cloud computing. On one hand, you would have lower costs, added control, and a higher level of protection against security breaches; on the other hand, you are not impenetrable or immune to cyberattacks. While some things become safer, there is a whole new set of concerns and security challenges presented once you move to the cloud.

    Read More

    DEADLINE FOR THE NEW AICPA SOC 2 STANDARDS IS FAST APPROACHING

    What you should know regarding the key changes to SOC 2 reporting (TSP Section 100)

     

    Read More

    What You Need to Know About PCI Levels and Requirements

    Payment card data must be well-protected as damages from data breaches continue to mount.

    Read More

    5 Areas to Consider with Data Loss Prevention

    Security breach incidents have become as ubiquitous as Monday morning traffic. Occurrences appear to be getting more sophisticated in scale when it comes to the volume of data stolen and the financial impact to both enterprise and individuals.

    Read More

    What the Goals of the PCI DSS Compliance Checklist Are, and Why They Matter

    Any business that stores, transmits, or processes payment card data has a responsibility to ensure that those transactions are secure. The Payment Card Industry Data Security Standard (PCI DSS) has a path for that.

    The PCI DSS issued a set of 12 high-level requirements known as the PCI compliance checklist. These requirements apply to merchants of all sizes that accept consumer credit and debit cards. At its core, the PCI compliance checklist is designed to protect consumer card data from fraud and data breaches. Although the requirements mandated by PCI DSS are not law, there are hefty fees and fines for non-compliance.

    Read More

    Developing an Insider Threat Detection Program

    If you were to just listen to the news, you would think that an organization only has to worry about hackers, malware, DDoS, and ransomware attacks. While the biggest threats are commonly from outside cyberattacks, these are not the only concerns a company faces. Companies need to recognize the other significant threat posed to an organization's critical assets: malicious and unmalicious insiders.

    Read More

    7 Most Commonly Asked PCI Compliance Questions

    Ignorance is not an excuse for failing a PCI DSS audit or, worse yet, being victimized by a data breach. The Payment Card Industry Data Security Standard (PCI DSS) clearly defines responsibilities and guidelines for protecting sensitive information such as credit card numbers.

    Read More

    Personally Identifiable Information: What You Need to Know About Keeping It Safe

     

    Media accounts of the theft of personally identifiable information by hackers seem to keep coming like a two-mile-long train—there just seems to be no end in sight.

    That’s because cyberthieves stand to make enormous amounts of money selling personal data in bulk on the black market.

    Read More

    Penetration Testing vs Vulnerability Scanning—Knowing the Differences

    Understanding penetration testing versus vulnerability scanning and using them both properly will help your organization identify cybersecurity weaknesses and determine how likely they are to be exploited.

    The average organization experienced more than 53,000 security incidents that compromised the integrity, confidentiality, or availability of information assets between November 2016 and October 2017, according to the 2018 Verizon Data Breach Investigations Report. Researchers confirmed 2,216 data breaches in which information was exposed to an unauthorized party during that same period.

    Read More

    Subscribe Here!