Category Archives: Security Program Management

Companies on High Alert for Unemployment Fraud

Posted on by

Proactive Measures to Thwart Unemployment Fraud In the past few months, the TrustedSec Incident Response team has responded to several incidents of unemployment benefit fraud. Due to the pandemic and nationwide lockdowns, there has been an extremely high volume of unemployment claims submitted across the United States, and with greater instances of fraud making it difficult…

The post Companies on High Alert for Unemployment Fraud appeared first on TrustedSec.

Continue reading Companies on High Alert for Unemployment Fraud

How I Retained My QSA Certification

Posted on by

In 2019, the Payment Card Industry (PCI) Security Standards Council (SSC) modified the Qualification Requirements for Qualified Security Assessor (QSA) employees. Prior to the modification, the requirements stipulated that QSA employees must hold either an Information Security certification or an audit certification, but now QSA employees must have a minimum of two (2) industry certifications:…

The post How I Retained My QSA Certification appeared first on TrustedSec.

Continue reading How I Retained My QSA Certification

Using Effectiveness Assessments to Identify Quick Wins

Posted on by

An organization’s overall security posture can be viewed from multiple different angles, such as technical assessments, program assessments, controls assessments, and risk assessments. A number of different frameworks for each of these assessment types exist, intended to help both technical teams as well as leadership organize security program building activities. Some of these include: Penetration…

The post Using Effectiveness Assessments to Identify Quick Wins appeared first on TrustedSec.

Continue reading Using Effectiveness Assessments to Identify Quick Wins

Want Better Alerting? Consider Your Business Processes

Posted on by

Logging, monitoring, and alerting programs are some of the most critical elements of any security and compliance program, but traditional approaches for implementing and upgrading these capabilities are often noisy, expensive, and laborious. Traditional Alerting Approaches are Failing During program assessments, we find that a lot of clients are generating so many alerts that they…

The post Want Better Alerting? Consider Your Business Processes appeared first on TrustedSec.

Continue reading Want Better Alerting? Consider Your Business Processes

Securing a Remote Workforce: Top Five Things to Focus on For Everyone

Posted on by

Deploying a remote workforce is uncharted territory for some organizations, while others have been perfecting the model for years. Most security programs have different ways to handle their workforce. For on-premise users, which has traditionally used more of castle mentality where you attempt to prevent outsiders from penetrating the network perimeter (similar to a castle…

The post Securing a Remote Workforce: Top Five Things to Focus on For Everyone appeared first on TrustedSec.

Continue reading Securing a Remote Workforce: Top Five Things to Focus on For Everyone

Attacks on the Rise Through Office 365

Posted on by

Office 365 is the most popular line of digital services for businesses for a reason, but when it comes to cyberattacks, its ubiquity is creating challenges. If it seems like every week there’s a new headline about a large-scale hacking incident, it’s not a case of rampant fake news. According to the 2018 Symantec Internet Security…

The post Attacks on the Rise Through Office 365 appeared first on TrustedSec.

Continue reading Attacks on the Rise Through Office 365