Improving Your Security Posture with the Pipeline Cybersecurity Initiative

A few years ago, I worked alongside some oil commodity traders. Environmental concerns aside, I never realized how many parts were required to get the oil out of the ground, not to mention everything else that finally resulted in the production of refi…

Verizon’s 2020 Payment Security Report: Focusing on Strategy

Last year, I wrote about the Verizon Payment Security Report saying it was “Not Just for PCI.” Verizon liked that post enough to include its introduction in this year’s version. This recognition was a wonderful surprise. Like last year’s report, the 20…

Card-Not-Present Fraud: 4 Security Considerations for Point of Sale Businesses

As the retail world’s center of gravity shifts to the cloud, payment card fraud has followed suit. According to Verizon’s retail vulnerabilities study, attacks against e-commerce applications are by far the leading cause of retail data breaches. This t…

ATM cash-out: A rising threat requiring urgent attention

The PCI Security Standards Council (PCI SSC) and the ATM Industry Association (ATMIA) issued a joint bulletin to highlight an increasing threat that requires urgent awareness and attention. What is the threat? An ATM cash-out attack is an elaborate and…

A Checklist for Preparing for Your Organization’s Next PCI Audit

Organizations cannot afford to neglect their PCI compliance obligations. According to its website, PCI could punish offending organizations with a monetary penalty ranging in value from $5,000 to $100,000 per month. These fines could spell the end for …

It’s all about the data

Data protection, controls and compliance don’t have to be an onerous obligation. With the right approach, you can turn it into a key differentiator for your business, says Tala’s Director of Product Management, Deepika Gajaria.
The pos…

3 common misconceptions about PCI compliance

Being the PCI guy at my company carries a certain amount of burden. Not only am I responsible for all of the ongoing compliance and yearly assessments, but I also have to interpret the PCI DSS scriptures on how PCI affects products, initiatives, and pl…

Developing a Data Protection Compliance Program – Verizon’s 9-5-4 Model

In a previous post, I wrote about my key take-aways from Verizon’s 2019 Payment Security Report. While it’s no surprise it was full of interesting and useful data, (Verizon’s yearly Data Breach Investigation Report (DBIR) has become r…

Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains

On Nov. 23, one of the cybercrime underground’s largest bazaars for buying and selling stolen payment card data announced the immediate availability of some four million freshly-hacked debit and credit cards. KrebsOnSecurity has learned this latest bat…

October is Cyber Security Awareness Month. Developers Are Some of Our Best Guardians.

October is National Cybersecurity Awareness Month (NCSAM). NCSAM is a joint effort between government and industry to raise awareness about cyber threats. This year, NCSAM highlights three areas where cyber security protections (or vulnerabil…