“The changing threat landscape…” That phrase gets a lot of mileage in the cybersecurity industry. It is a simple truth that seems to require more and more complicated responses. You can clear the haze and put core security essentials back into focus with the Center...
Cybersecurity
PCI Compliance: SAQ A Changes With Big Impact for eCommerce Sites
Every business accepting credit card payments is impacted by the changes coming to the cardholder data protection standards. For businesses with an ecommerce application or website using iFrames or full site redirect to a PCI DSS-compliant service provider, there are...
ChatGPT’s Hidden Security Risks Gamble With Business Data
The world is talking about ChatGPT, large language models (LLMs), and other modes of artificial intelligence. So much so that I believe we’re witnessing what will be the zeitgeist of the 2020s. Simultaneously amazing and terrifying, these tools have everyone wondering...
The Art of Data Protection Blends Data Loss Prevention Into Business Operations
All data has value, but not the same value. Critical data needs to be accessible while sensitive data needs stringent controls and less important data needs less resources. When DLP is adapted to specific data priorities and context and baked into workflows, rather...
Back-To-School Cybersecurity Checklist For K-12 Schools
IT teams in school districts across North America started planning and prepping for the start of the next academic calendar not long after the previous one ended. Detailed planning goes into getting staff, students, and classrooms technology-ready for the first day of...
How Pen Testing Curbs Security Leaks in the CI/CD Pipeline
Software and application developers have a need for speed. Being first-to-market when it comes to products, services, and features has competitive advantages. To fast-track development, more organizations are combining methodologies, practices, and automation that...
Results From Your Threat & Vulnerability Assessment Are In: Now What?
When a CISO or IT leader chooses to have a cybersecurity assessment done, that decision starts with recognizing that an existing internal process or program might not be fully effective or complete. That conclusion isn’t always easy. Internal teams don’t always know...
PCI DSS v4.0 Deep Dive: Scoping Requirement 12.5.2
If your business processes, stores, or transmits credit card and cardholder data, you should be on your way to enacting changes needed for your organization’s compliance with PCI DSS v4.0 which goes into effect on March 31, 2024. Version 4.0 encompasses 13 new...