After a few delays, PCI DSS version 4.0 was finally announced publicly on March 31, 2022. While entities may still use PCI DSS v3.2.1 until its retirement date on March 31, 2024, there are some notable changes that should be given consideration in advance. Since the initial evolution of PCI …
At the end of March, the PCI Standards Security Council (PCI SSC) publicly released the most recent update to the PCI Data Security Standards (DSS), version 4.0. While much speculation has occurred as to the contents of the new standards—and much of that speculation turned out to be correct—now it’s …
Cyber attackers have spent considerable time and resource to develop cyberattack methods that evade detection. Which means a focus on complete attack prevention may be unattainable—or if attainable, not sustainable for very long. Cyber criminals are becoming increasingly organized, with increasingly sophisticated attack methods. For most organizations, this means it’s …
Last month I shared a post about prioritizing data security in the uncertain future that is 2022, whether that uncertainty pertains to existing or net new privacy laws, expansions of security controls, or other regulatory factors. One thing is for certain, this year brings with it a lot of potential …
The after effects of a data breach can reach far and wide. Lesser seen impact can include the cost of remediation, revenue loss, reputational harm, national security, even human life. The ripple effect of indirect costs—monetary and otherwise—can end up impacting a company’s bottom line for years. Accounting for the …
While both political instability and remote working behaviors play into the prevalence of cyberattacks, another factor behind why attacks such as ransomware continue year over year is the simple fact that they’ve been successful. Cyber criminals are constantly looking for ways to steal data that doesn’t belong to them. And …
Any hopes that cyber attacks would slow down in 2022 have been crushed as attacks targeting a wide range of prominent organizations continue to hit the news. From the new threats of cyber warfare to financial institutions, here are some of the top cyber attacks seen last month. Russian Cybercriminal …
Summer is here, and with many organizations still allowing employees flexibility in where they work, it’s expected that some of them will take their job on the road. Many are itching to travel while the weather’s nice and COVID restrictions are light, and the remote work model affords the opportunity …
May 25, 2022, marked the fourth anniversary of the European Union’s General Data Protection Regulation (GDPR), and it might surprise you to learn that in that time, most companies still aren’t compliant, and some have no means to ever become compliant. In my opinion, GDPR and other like-minded data privacy …
