October 27, 2020
I’d like you to think about something: What, in your mind, is going to be the next mass exploitation of cardholder data affecting the secure e-commerce of small and medium online retailers? What simple mistake or mistakes are being consistently made by these retailers that will lead to the next rash of mass theft of credit card data? We’ve actually just seen a sign of the coming attacks.
E-Commerce Security • Website Security
September 21, 2020
Early on in my security career, while studying for my CISSP certification, the author of the book I was reading presented a concept of how to treat risk once it is known. Management has the choice of treating, accepting, deferring, or denying the risks that are found or identified. While most all security frameworks require […]
September 17, 2020
This week was an exciting one for us here at ControlScan, because we officially announced the general availability of ControlScan MDR Essential. A new tier of our Managed Detection and Response (MDR) product suite, MDR Essential is aimed at cost-conscious small and mid-sized businesses (SMBs) and the channel partners that serve them.
Active Monitoring • Endpoint Security
September 2, 2020
Who would have ever thought that in 2020, we would have had to execute a disaster recovery plan because of a pandemic on an international scale? I am sure most organizations planned for the technology aspect of an outage as well as the ability to meet SLAs and recovery point expectations. But did you plan for the loss of your staff?
Business Continuity • Coronavirus
August 14, 2020
I must admit that when I sat down to write this blog post I felt a bit silly writing out the title “The Million Dollar Laptop.” This is not a post about a wildly overpriced and new, barely changed, or updated piece of tech that Apple is releasing, or some exorbitant gaming laptop that you are hoping to purchase to play Fortnite or Minecraft. No, this is about the simple neglect of a lost device. Neglect that cost a healthcare organization $1,040,000.00.
Compliance • Risk Management
July 14, 2020
In the world of healthcare, like any business environment, there is an important difference between being secure and being compliant. Sure, healthcare data security and HIPAA compliance share similarities, but one does not equal the other. Here’s how to build healthcare data security into your HIPAA compliance.
Compliance • Vulnerability Management
July 8, 2020
There is a fine line being walked in the merchant acquiring and payments space. As both the primary players and the smaller providers know, merchants’ security threat landscape continues to shift and expand at a rapid pace. Guiding merchants down the path of implementing security protocols to protect the merchant, and mitigating breach risk for the processor, can be challenging. We see acquirers meeting this challenge through what I call a “scalpel approach.”
Payment Security • PCI Compliance • Risk Management