If you’ve been keeping up with the Payment Card Industry Data Security Standard (PCI DSS), you’ll know it has a new specification that revolves around network security controls. Let’s dig into the details.A Little Back StoryIt helps to level-set for anyone who might be coming into this from a non-technical role. We all know PCI DSS (v4.0) is the payment card industry’s compliance standard for...

The transition to PCI DSS 4.0 is here. The transition period from PCI DSS 3.2 ended on March 31, 2024, so businesses in all sectors must focus on aligning their practices with the new requirements.This blog will guide you through the key points discussed by PCI experts Steven Sletten and Jeff Hall in a recent webinar held by Fortra on "PCI 4.0 is Here: Your Guide to Navigating Compliance Success....

Companies often go for high-end cybersecurity solutions because dealing with complex problems looks impressive. The appeal of fancy tech and advanced security challenges gives them a sense of achievement and a chance to show off their skills - and says they're serious about staying ahead of cyber crooks.However, this isn't always the best strategy. Many significant risks arise from simple...

It seems like such a short time ago that the Security Standards Council released the newest version of the Payment Card Industry Data Security Standard (PCI DSS). It has been a full year, and version 4.0 is now in effect. Industries that adhere to the Standard were given the year to implement the new changes. The Standard includes limited exceptions for specific requirements, classifying them as...

In Part 1, the existing global regulations around IoT were introduced. In this part, the challenge of complying with these rules is examined.The IoT Security ChallengeSecuring the Internet of Things (IoT) presents complex challenges that stem primarily from the scale, heterogeneity, and distributed nature of IoT networks:Inconsistent security standards: One of the most pressing issues is the...

In the past four years, cyberattacks have more than doubled. Cybercriminals are leveraging emerging technologies like artificial intelligence (AI) to facilitate more sophisticated attacks. Geopolitical tumult has increased cyber risk. Couple these factors with a near-ubiquitous desire for businesses to expand their operations, and it’s easy to understand the need for scaling Security Operations...

I recently came across the "Johari Window Model" and thought this would be a good way to gain inspiration to explain the conundrum faced by many cybersecurity customers. The table below shows us the breakdown of the stages that are applicable not just to IT and OT environments but also to other facets of our daily lives. This model can be applied...

The Internet of Things (IoT) refers to the global network of physical devices connected to the internet, capable of collecting and sharing data. IoT devices range from everyday household items to sophisticated industrial tools. By integrating sensors and communication hardware, IoT bridges the gap between the physical and digital worlds, enabling environments where smart devices operate...

In the intricate landscape of cybersecurity, Digital Forensics and Incident Response (DFIR) stand as the sentinels guarding against the onslaught of digital threats. It involves a multifaceted approach to identifying, mitigating, and recovering from cybersecurity incidents. In the physical world, the aftermath of a crime scene always yields vital...

Today, almost every organization is engaged with a third-party vendor at some level when offering products or services. Take, for instance, an e-commerce business that may not be able to function properly unless multiple third-party integrations are involved, such as CRMs, payment gateways, live chat APIs, or a shipping gateway, to name a few....

The emergence of innovative Financial Technology (FinTech) has spearheaded rapid growth in the digital payments sector. In recent years, global payment revenues exceeded valuations of $2.2 trillion, with a steady Compound Annual Growth Rate (CAGR) expected in the next five years. There is no denying the convenience benefits that the digital...

One of the most common factors that can lead to cybersecurity incidents is a security misconfiguration in software or application settings. The default settings that come with the implementation of these tools and solutions are often not configured securely, and many organizations do not invest the time and resources into ensuring that they are. ...

The payment industry is bracing for the transition to Payment Card Industry Data Security Standard (PCI DSS) 4.0, heralding significant changes in cybersecurity practices. As we approach the implementation of this revised standard, a critical focal point emerges: the role and new mandate of web application firewalls (WAFs) in ensuring compliance....

Interconnected, data-enabled devices are more common now than ever before. By 2027, it is predicted that there will be more than 41 billion new IoT devices. The emergence of each new device offers a fresh vulnerability point for opportunistic bad actors. In 2022, there were over 112 million cyberattacks carried out on IoT devices worldwide....

Introduction For the longest time within the cybersecurity industry, we have had Chief Information Security Officers (CISOs) whose role is to set the strategic direction for Information Security within an organisation. But what are the stepping stones to becoming a CISO? In the past, this has been a difficult question to answer, but typically the...