Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

The Imperative to Address Security Concerns of the Rapidly Evolving Internet of Things

The Internet of Things (IoT) broadly refers to devices and equipment that are readable, recognizable, locatable, addressable and/or controllable via the internet. This includes everything from edge computing devices to home appliances, from wearable technology to cars. IoT represents the melding of the physical world and the digital worked, as sensors are not costly and wireless access is now ubiquitous.

What is PCI DSS and why do I need it?

PCI DSS is an incredibly important compliance standard for those processing card payments. It stands for Payment Card Industry Data Security Standard. Whilst that doesn’t exactly roll off the tongue, it is a very resilient set of standard requirements that aims to make a business more secure. A 2018 payment security report revealed that no company affected by a data breach was completely compliant with PCI DSS.

Weekly Cyber Security News 18/01/2019

A selection of this week’s more interesting vulnerability disclosures and cyber security news. There has been some amazing breach notifications this week, none of which I will comment on as there’s plenty of articles already. First item of comment this week is an interesting article commenting on various hosting providers – are they fair points? How far should our trust go in that any service provider of any kind is doing their best to look after both ours, and their, property?

PCI DSS Compliance: An Overview

The Payment Card Industry (PCI) comprise all credit card providers including Visa and MasterCard. These entities are required to uphold the integrity of the cardholders' information to prevent any breach. While complying with the PCI DSS requirements can be overwhelming, it is necessary since it'll enable you to develop stringent measures to store and protect the cardholders' data.

The Dark Web has a Serious Deduplication Problem

In a post released on 1/8/19, I wrote about the record number of breaches in 2018. This brought to mind a podcast that I was listening to a few days back hosted by Corey Nachreiner, CTO of WatchGuard Technologies, Inc. on his 443 Podcast. Corey discussed the potential data deduplication problem on the Dark Web.

Questions to Consider When Choosing a SOAR Solution

Security Orchestration, Automation, and Response (SOAR) solution effectively deal with information security challenges and provide better defence against cyber threats. However, the organizations must be aware of important questions before deploying the SOAR solution. The following sections will take a deep dive to elaborate on these questions.

How To Get Compliant and Stay Agile

Agile companies do things faster. When you think about agile regarding lean startup model, you focus on quick wins, ruthless prioritization, external focus, and continuous improvement. At its core, agile development relies on continuous testing leading to continuous improvement. In cybersecurity, continuous monitoring enables an agile continuous compliance stance.