Last year, as most people were stuck at home, many of us became even more dependent on e-commerce sites than we were already. Unfortunately, that includes cybercriminals too. In 2020, scams targeting the checkout forms of online retailers rose by 20%, according to reports.

If your organization handles any type of payment processing, storage, or transmission of credit card data electronically, you’ll be very familiar with PCI DSS (formally known as the Payment Card Industry Data Security Standard). This standard exists to protect debit and credit cardholder data from unauthorized access via data breaches, ransomware, and other security breaches. However, with the rise in these breaches also comes the rise in changes and rules to the PCI DSS.

A famous 2011 article by security adviser Roger Grimes is intriguingly titled, “To beat hackers, you have to think like them.” In the article, Grimes explains that IT security professionals must view IT systems through the eyes of hackers — and search ways to break into these systems, identify weaknesses, and create robust security measures. That is exactly what penetration testing is all about.

Most companies know how to engage in a security risk assessment. However, the first step in the security assessment process should be engaging in a data risk assessment. While the two sound similar, they provide different insights. This guide to performing a data risk assessment explains what it is, why it’s important, and how to engage in one.

This week, the popular web host GoDaddy reported that it experienced a serious data breach impacting 1.2 million customers. Is your organization at risk, and what should you do? Here’s what you need to know.

Every company needs to undertake a certain amount of planning if it wants to grow. This includes not only strategic planning to expand operations and increase profits; executives also need to plan for risks they might encounter so they can anticipate and avoid threats. It makes sense, therefore, to integrate this planning throughout your organization so that no business function goes overlooked.

The phrase “governance, risk, and compliance” (GRC) was first introduced in the early 2000s by the Open Compliance and Ethics Group (OCEG). Since then, the concept has fundamentally changed how businesses operate. Although GRC is not a revolutionary idea by any means, it is integral to assuring that organizations can achieve, and maintain, optimal business continuity.

A supply chain is the ecosystem of processes, systems, and entities that work together to transform an idea into a final product and customer-ready offering. That lifecycle consists of multiple moving parts. As global supply chain complexity increases, organizations in every industry require robust and reliable supply chain management (SCM) tools, processes, and people. Coordination of the supply chain is critical for efficiency and optimization.

Often it's not a question of if your business will experience a data breach, but when. Hackers are always looking for new ways to take advantage of weak networks or trick employees into falling prey to their schemes. And if your business operates computer systems or handles sensitive data regularly, you are at risk. Having the right insurance coverage to provide aid in the event of a cyber attack can save your business from expensive lawsuits and reputational damage.

BSIMM12 reports increased attention on software security due to recent supply chain disruptions. Get recommendations for managing supply chain risks. As the global pandemic disrupted the way business is conducted, the workforce became more dispersed and moved far from the traditional secure enterprise environments.