PCI Compliance for Small Business
When customers’ sensitive information is stolen during a data breach, the financial and resource costs to those buyers as well as to the retail merchants involved can be significant. In an effort to protect customer information during the payment transaction process,...
FFIEC Cybersecurity Assessment Tool
The Federal Financial Institutions Examination Council (FFIEC) is a governmental body made up of five banking regulators. Its objective is to promote uniformity in the supervision of financial institutions. To that end, it provides organizations with a FFIEC...
Red Flags Rule Compliance Tips
Identity theft takes a massive toll on millions of Americans each year. It also has a devastating financial effect on the merchants and credit organizations who constantly struggle to avoid breaches and pay the costs involved in dealing with the aftermath of the...
Massachusetts Data Security Laws
Regardless of where you do business in the United States, you already know that the security of your stored and transmitted private data is of paramount importance. However, individual states implement their own laws to ensure that this sensitive information is...
Artificial Intelligence in Cyber security
Without artificial intelligence (AI), we would not have speech recognition technology such as Siri, search engines like Google or facial recognition capabilities. What’s more, financial institutions would not be able to prevent billions of dollars in...
SOC 2 vs. ISO 27001: Key Differences
Deciding between SOC 2 and ISO 27001 certifications can be like choosing the correct key for a specific lock. One focuses on managing how service providers handle customer data, while the other sets a global standard for information security. ...
AWS Penetration Testing
The Amazon Web Services (AWS) platform supports a wide variety of business activities that include data storage, web application services, networking and code development. Unfortunately, it has recently become all too clear that these platforms can be...
Information Security Program
Any management or human resource professional knows that standards and practices can never be truly implemented and enforced unless and until they are thoroughly documented. As you might imagine, this maxim also holds true when it comes to protecting your network,...
Security Maturity Model
There are two complementary objectives of any cybersecurity operation. Tools, both automated and human, must be in place to monitor network systems, scan for vulnerabilities and predict threats. Additionally, reaction measures must be available should your data come...
Penetration Test Report
For any modern enterprise, the security of systems and web networks must be a top priority. In order to achieve that goal, businesses hire IT staff; they invest in hardware firewalls, spam filters, anti-malware programs and automated threat detection...