I recently attended a virtual conference on CMMC, an upcoming security mandate for defense supply chain organizations. There were a lot of great sessions, but one that really stood out was presented by Scott Goodwin, Manager – Cybersecurity and Privacy Advisory at DGC.
It is becoming increasingly difficult to guarantee a safe boundary for your sensitive data. As work-from-anywhere cements, employees are now collaborating freely with each other, with contractors and with partners. But this freedom to collaborate more broadly also means information is being shared among devices, applications and networks that your organization doesn't necessarily have control over.
Last month’s revelation that Okta had been hacked created a seismic impact in the world of security, with organizations still bracing themselves for the fallout from this incident. While resources, like Microsoft’s article on Lapsus$ (tracked as DEV-0537), have broadly dissected the attack vectors used in the group’s attacks, we wanted to expand on the broader trends and context surrounding the Okta hack.
PCI compliance applies to businesses of all sizes: In fact, the PCI Council sets compliance standards according to how many card-based transactions a business handles each year. There are four merchant levels are Small businesses usually fall under level four. If you’re not sure what level your business falls into, your point-of-sale (POS) reports may be able to tell you.
PCI DSS stands for Payment Card Industry Data Security Standard. This standard is set forth by the PCI Security Standards Council, an organization founded in 2006 by American Express, Discover, JCB International, Mastercard and Visa Inc. The PCI DSS sets security rules for any business that accepts their cards, with the goal of protecting customer credit and debit card data. Any business that accepts any non-cash payments needs to meet the PCI standards.
PCI compliance is a complicated matter. There are a number of different steps to meet and validate your achievement of the PCI DSS standard. In this guide, we’ll break down the steps in PCI compliance testing, the different types of PCI compliance tests, and how much it costs to complete this process.
Network segmentation is a practice that can dramatically lower the time, effort and cost of a PCI DSS assessment. Not only is it an industry best practice for security cardholder data, but it’s also an effective way of controlling the annual commitment of meeting your PCI compliance requirements. Here’s how network segmentation works, as well as some key best practices for using network segmentation to reduce the scope of your PCI assessment.
CatchPulse, formerly known as SecureAPlus, is the must-have cybersecurity solution for your home as it protects against the increasing threat of cyberattacks - without forcing you to become a cybersecurity expert. In 2021, ransomware attacks increased by a whopping 105% and malicious malware still continues to infiltrate devices with over 5.4 billion attacks recorded in the last year alone.
In the midst of a growing global cyberthreat landscape, the Australian and US governments this week announced plans to increase spend to bolster federal cybersecurity. The Australian federal government’s newly released 2022-23 federal Budget has dedicated AU$9.9 billion to support cybersecurity and intelligence capabilities under a program called Resilience, Effects, Defence, Space, Intelligence, Cyber and Enablers (REDSPICE).
Encryption has come a long, long way over the last few years. Something once reserved only for militaries and governments, encryption has been made super accessible and has become standard practice in the tech industry. Whether it’s texts, photos, or word docs - it can, and should, be encrypted. Put simply, encryption scrambles any file sent or stored online into unreadable nonsense that can only be translated (or decrypted) by a user with a key.
