Risk assessments are a way of reviewing your assets, the threats to those assets, any vulnerabilities or conditions that leave them open to those threats, and what you are doing to mitigate the risk to those assets. What comes out of that analysis ultimately is an understanding of your residual risk, or how likely is […]
Vulnerability management programs and the vulnerability management tools that support these processes are becoming more and more important to organizations. As the cybersecurity threat landscape shifts more quickly than ever, organizations have to try to stay caught up with new vulnerabilities that could be affecting them to avoid being caught in waves of cyber attacks. […]
The Payment Card Industry (PCI) Security Standards Council (SSC) is an independent body created by Visa, MasterCard, Discover, American Express, and JCB formed in 2006 to develop and enforce standards to protect credit card information. Together, they created the PCI Data Security Standard (DSS), a baseline set of technical and operational requirements which applies to […]
Zoom has seen an incredible up-tick in their user base during the COVID-19 pandemic. Between schools, businesses, and individuals just trying to stay connected with family, Zoom has been one of the most popular video conferencing solutions to meet everyone’s newfound needs in this new remote and socially-distanced environment. With all of this increased attention […]
A common term used in many different industries is authentication. In information security specifically, authentication is the process of determining if a person is who they say they are. Usually, this process is completed prior to giving that person access to something, so you can envision authentication as a guarded gate before a person is […]
Recently, we were asked by a client what VAPT meant. VAPT is an acronym for Vulnerability Assessment and Penetration Testing. This is a broad term which can refer to many different types of security testing, so we’ll dig a bit deeper into different services that could be referred to as VAPT, with the goal of […]
In today’s blog, we will be discussing social engineering attacks in the age of COVID-19. Social Engineering is a popular vector for attackers and with the rise of remote work due to the pandemic, companies’ IT security departments need to be increasingly vigilant. As many of our readers are no doubt aware, social engineering attacks […]
So you just had a client tell you that you need to be PCI certified, what comes next? First, every situation is slightly different, so it’s always a good idea to jump on a quick call with someone who is familiar with PCI to discuss your options, what’s being required of you, and what the […]
In the spirit of Cyber Security Awareness Month, today we take a look back at useful tricks and tips to help improve your organization’s cyber security awareness. This year, with the pandemic and many employees working from home, cyber security awareness is paramount in keeping your company secure. Remember, you are only as secure as […]
A cyber security risk assessment can take many forms. In order to determine what sort of assessment is best suited, you first need to define your goals and work backwards to determine the type of assessment required. Today, we will discuss some of the different ways to assess cyber security risk . Below are common […]
