Today’s news cycle is all about the impact that coronavirus/COVID-19 has been having within the world’s economy and health and welfare of most all individuals. I am sure you are prepared to handle the loss of a server or recover lost data, but what about … Read more
The PCI Security Standards Council (SSC) has issued welcome new guidance to help organizations respond to a data breach event. In its September 29 press release, the Council writes: “For any organization connected to the internet, it is not a question of if but when … Read more
While many payment card data breaches are easily preventable, they can and do still happen to businesses of all sizes. If your small or mid-sized business has discovered it’s been breached, the ETA’s Risk, Fraud & Security Committee and Arnall Golden Gregory LLP have produced a straightforward guide … Read more
ControlScan advises its customers and clients with eCommerce websites, or those which handle sensitive data, that a critical vulnerability has been discovered affecting the OpenSSL 1.0.1 and 1.0.2-beta implementation of the SSL protocol. The vulnerability is known as ‘Heartbleed,’ and should be seen as an … Read more
NOTE: There have been updates to the PCI DSS 3.0 standard since this post was published. The current revision is 3.2r1.1; however, the only significant changes to the SAQ B-IP have been the additions of segmentation testing and multifactor authentication for all remote access. The new … Read more
(It’s more than you think—and you’re more at risk than you know.) Confusion. Denial. Plain old wishful thinking. That’s what we hear when we talk to people about the real cost of data breach. Whether you’re an ISO, an acquirer, or a merchant, maybe you’ve … Read more