The increasing risk of cyber-attacks, coupled with compliance obligations, has meant that even small and medium-sized organizations are scouting for executive leadership to support them in the critical field of cybersecurity.
Reconnaissance is the first action in which a threat actor engages with a target and for our purposes can be defined as the use of openly available Internet sources of information to gain insight into an organization’s applications, services, technologies, people, and webpage relationships. In a nutshell, reconnaissance is nothing more than locating and analyzing publicly available sources of information about an individual or organization.
When customers provide a company with their credit card information, they trust that their data will be processed, stored, and transmitted securely. To ensure that businesses meet that expectation, major credit card companies, alongside the PCI Security Standards Council, created the Payment Card Industry Data Security Standard, or PCI DSS for short. PCI DSS is a set of technical and operational requirements intended to protect account data, combat fraud, and reduce the chances of data being breached.
The changed world we have found ourselves living in since the global pandemic struck in 2020 has been particularly helpful to cybercriminals. Working from home, the ongoing digitization of our lives, and the increasing online nature of business mean opportunities for phishers, hackers, and scammers have increased. As we head into 2022, there is, unfortunately, no sign of this letting up. Therefore, it is essential for individuals and businesses to be aware of the ever-growing avenues of attack and to implement practices to mitigate the risks.
Open-Source Intelligence, or OSINT, is the collection and analysis of information gathered from publicly available sources. This extends to much more than a Google search. There is much more information on the internet than can be found using search engines. It is estimated that only 4% of the internet is searchable using search engines. That leaves 96% of information on the internet that cannot be accessed using Google, Bing, and other search engines. OSINT tools are effective at finding information which cannot be found by search engines.
Audit logs play a critical role in security management. They can provide us with insight into what has happened on our systems and on our networks at any given time. More specifically, if implemented correctly, logs can tell us what happened across multiple systems, and when a system is compromised, they will record all activity of the attacker. These logs can help us prevent or detect violations of confidentiality, integrity, and availability.
Cybersecurity professionals are far too familiar with the classic response “It won’t happen to us.” This is a common excuse among business owners who are hesitant to invest in cybersecurity. Unfortunately, many small and medium-sized businesses are falling victim to cyber criminals. It is imperative that all organizations, regardless of size, take the necessary precautions to protect their customers and brand.
A Payment Card Industry Data Security Standard (PCI DSS) readiness assessment can help your organization determine whether you are ready to undergo a full PCI DSS audit or self-assessment.
Throughout the COVID-19 pandemic, organizations around the globe have been reacting to the turmoil created by the uncertainty of the ongoing crisis. Senior leaders are adjusting operating models faster than ever before to ensure survival. Many CISOs have been working diligently to advance their digital business strategy and accelerate opportunities to leverage technology. The large-scale adoption of work-from-home technologies and the exponentially increased use of remote services have supported company operations and stabilized revenue. However, these advancements are placing immense pressure on cybersecurity operations.