Tag Archive: data security

Security Awareness: 5 Ways to Educate Your Employees

Written by
Published 03/13/2017

Security Awareness: 5 Ways to Educate Your Employees   Security awareness training is the number one tool needed to build a culture of cybersecurity. For a business to remain secure, employees from the top levels of senior management to the most introductory level jobs need to buy into the importance of cybersecurity. Employee training sessions, however, are like those required introductory college courses. People feel they already know the information so they only half-heartedly pay attention and then wing the quizzes at the end hoping for the best, sort of like those college essays they hated writing. Unlike a college essay, security awareness has long-term financial and reputational risk implications. The 2016 IBM Cost of Data Breach Study indicated that…

June News Round-Up: More Data Breach News, Crypto Wars 2.0, and Acer Hack

Written by
Published 06/30/2016

Biggest Data Attacks of 2016 (So Far) Data attacks, breaches and vulnerability disclosures continue to dominate headlines this year. Dark Reading has compiled an overview of the largest attacks to date in 2016. A key takeaway from the report is that anyone can become a target, and the consequences of an attack can be dire. Everyone’s trying to do more with less, and as security budgets continue to get squeezed, you’ll need to make sure you’re getting the most value for your compliance dollars. Simplifying risk management and compliance activities can help you achieve a better return on investment and make the best use of limited compliance resources. The full article from Dark Reading can be found at the following…

May News Round-Up: The Latest PCI Data Security Standard Update, and New Info on Data Breaches

Written by
Published 05/20/2016

The Latest PCI Data Security Standard Update PCI compliance is important for all companies accepting or processing card payments. The PCI Security Standards Council introduced a new version of its data security standard, version 3.2, at the end of April. There is a phase-in (sunrise) period for use of the new version. Customers currently undergoing or scheduled to undergo a PCI audit can use the old 3.1 standard until October of 2016. Customers scheduling an audit after October will have to use the new 3.2 framework. The transition to the new framework can be made easier with a GRC tool to help you identify the changed requirements and map your existing security controls to meet the new objectives. You can…

Tags: , ,
Categorized in:

August News Round-Up: The Ashley Madison Breach, Car-Hacking and Industry Updates

Written by
Published 08/26/2015

Get Your Affairs In Order: The Ashley Madison Breach Ashley Madison hackers made good on their initial threat from July this past week, releasing a downloadable database containing the following: 33 million accounts with user information, including names, street addresses and phone numbers 36 million email addresses 9.6 million documented transactions 10 GB of compressed data Regardless of the morality of Ashley Madison’s services, this was an illegal hack of a website whose business depends on the security and confidentiality of user information. The Ashley Madison story is particularly terrifying because it offers a glimpse of how damaging security breaches can be now as more personal user information moves online. Sensitive information, when shared publicly, hits far closer to home…

Tags: , , ,
Categorized in: