In our new series, Spotlight on Technology, we invite experts from different areas of cyber security to talk to us about their specialisms. First up, we take a look at encryption with James Rees MD of Razorthorn, a cyber security consultancy & Scott Glazer from Atakama, New York based multifactor encryption software specialists. 80% of companies hit by ransomware are hit twice in a short space of time – 45% of the time by the same attacker as the initial breach. We need to take a new approach to defend against this modern day threat.

In (probably) the last in our series on ransomware, we take you through the latest ransomware attacks on businesses over the last week and - importantly - we share our expertise on the most effective ways to protect your business against a ransomware attack.

Becoming PCI DSS compliant can be a long journey and we like to begin, possibly controversially, with requirement 12 of the 12 PCI DSS Compliance Requirements. This requirement includes information security governance and there's a lot in there about your security policies. Why begin here, you might ask? Well, watch on...

There are plenty of myths and misconceptions around PCI DSS. This video guides you through this minefield - making sure you understand each myth can not only make the PCI DSS compliance process easier but also more successful. Jim shares his 10+ years' experience as a QSA to explain where these misconceptions come from and how to successfully work around them.

We're never ones to shy away from a good debate, as you'll know if you've been following us for a while. It's a popular opinion at the moment, if you follow the chat online, to make it illegal to pay the ransom following a hack which, in theory, certainly has some merit... Unless you've been living under a rock recently, you'll know that ransomware attacks are on the rise and despite the hackers supposedly having certain 'ethics' about avoiding essential service providers, it seems that no organisation is safe from attack.

Following the ransomware attack on the Colonial Pipeline, it's emerged over the weekend that at least 4 other organisations have also been hit, including an Irish healthcare organisation. It's clear that this increase in ransomware attacks is coming at a time when our security may still be running at lower levels, resulting from the emergency measures taken when everyone started working from home.

Join QSA, James Rees, for the third in our PCI DSS mini series. This time, we're talking about the dark art of scoping. Getting the scoping right for an environment is essential and James is sharing his 3 Golden Rules that should be applied to EVERY PCI DSS project.

A swift followup to our post this morning - news broke earlier that it looks as though a ransom of $5m has now been paid. Here are Jim's thoughts on this...

Following the hack on the Colonial Pipeline in the US, join Jim as he reviews the situation one week on. We talk about what we know about the hack, what have been the effects, who are the perpetrators and what do we know about them and - most importantly - what can we learn from this and how can we protect ourselves from similar attacks?