Blog
Insights for Reasonable Cyber Security and Compliance
What’s happening in the world of cybersecurity? How do you define 'reasonable' security controls? Which cyber threats can be prevented? What steps should you take to make your systems safer? Read our blog posts to gain new insights into cybersecurity news, security awareness, the latest threats and risks, penetration testing, compliance, regulations and so much more.
Webinar: A Deep Dive into the New 4.0 DSS Requirements Applicable Immediately
There are 14 new requirements that are effective immediately for any PCI DSS 4.0 validation. Join Viviana Wesley for a deep dive into these requirements so your organization can start working on these right away.
Webinar: A Deep Dive into the Emerging New 4.0 DSS Requirements that are Due by March 2025
There are 51 requirements that are best practices until March of 2025. Some will be process related and some will require technology or program changes.
Preparing for Your Transition to PCI DSS v4.0 Webinar
PCI DSS v3.2.1 expires on March 31, 2024. Organizations should now be planning their transition to PCI DSS v4.0. With 64 new requirements in PCI DSS v4.0, companies have a lot to consider in preparation for the coming deadline. In our 5-part PCI Webinar Series, learn about the general changes to 4.0, new requirements, best practices, and how an increased focus on risk evaluations in this new version will be a driving force for security and compliance. Register for the first session and view details of the other four webinars below.
2023 Cybersecurity Regulatory and Resources Calendar
Managing your security program is challenging, especially with compliance requirements evolving.
Here is a quick overview of the regulatory landscape for 2023. This reference provides links to the law or rules. It also includes references to help you make informed decisions on priorities, resources and technology to manage your risk.
T-Mobile Agrees to a $350 Million Data Breach Settlement
T-Mobile is the second-largest wireless carrier in the U.S. and has an estimated 110 million subscribers. The company has been repeatedly targeted by external threat actors over the past decade. The first large breach occurred between September 1, 2013 and September 16, 2015 and affected some 18 million customers. Another breach occurred in 2018, involving more than 2 million customers. The company experienced another attack in 2019 involving its prepaid customers, followed by two attacks in 2020.