Blog
Insights for Reasonable Cyber Security and Compliance
What’s happening in the world of cybersecurity? How do you define 'reasonable' security controls? Which cyber threats can be prevented? What steps should you take to make your systems safer? Read our blog posts to gain new insights into cybersecurity news, security awareness, the latest threats and risks, penetration testing, compliance, regulations and so much more.
BET24 warns over data breach – 19 months later
As reported by The Register (http://www.theregister.co.uk/2011/07/26/bet24_security_breach/), online gambling site BET24.com notified customers on Monday of a data breach that occurred in December, 2009. (more…)
Hackers Shift Attacks to Small Firms
In 2010, 63% of breach investigations involved companies with fewer than 100 employees – small firms. That’s up from 27% in 2009 – a dramatic increase. (more…)
Reducing the Scope for PCI Compliance
The PCI DSS is comprised of over 200 specific requirements, including technical, administrative and policy controls; for this reason, the first consideration when approaching PCI compliance is determining exactly which parts of the environment have to be included within the PCI compliance scope and which do not, based upon the scoping rules provided by the PCI Security Standards Council (see link below for details). Scope reduction is the key to keeping the costs and time required to achieve PCI compliance to a minimum. (more…)
PCI Council Releases Revised PA-DSS Eligibility Criteria
On June 29, 2011 the PCI Security Council released a checklist outlining the types of payment applications that are eligible for PA-DSS validation: (more…)
You are… The Weakest Link!
I’ve written about this before, but I think it bears repeating now and then. Security awareness of an organization’s employees is as important as ever and is often the weakest link in an organization’s information security posture. (more…)
$865,000 fine for HIPAA violations is latest from HHS OCR
Early July sees the latest fines imposed by Health & Human Services Office for Civil Rights for HIPAA violations. (more…)
Summary of Recent Data Breaches
So many recent data breaches – it’s becoming hard to keep up. Here’s a quick summary of some data breaches. There are many more where this came from, and the full list of known breaches can be found at these sites: (more…)