May 20, 2019 •
Every diligent company or organization understands cybersecurity is needed, but often doesn’t know how to budget for the appropriate protection. It’s not always a clear-cut number, but there is a way to develop a return on investment (ROI) or return on expense (ROE) equation that you can share with your budgeting team and C-level executives who are looking to you for answers.
April 25, 2019 •
When cybersecurity coverage gets slim—whether it’s due to a lack of internal expertise or technology capabilities, or both—key business functions tend to go on what I call “autopilot.” Firewalls run using outdated configurations, legitimate security threats go unnoticed, and everyone is just hoping today isn’t the day an employee clicks a bad link and unleashes a crippling malware attack. Learn about the three business functions that should never be put on cybersecurity autopilot, and how to proactively address your organization’s expertise and manpower challenges.
Endpoint Security • MDR • Network Security
March 20, 2019 •
Counterfeit payment cards, stolen payment cards, use of an assumed identity to complete a credit card application… these are easily-recognizable examples of payment card fraud. When a fraud incident occurs in the retail setting, it’s often contained with only small losses occurring to the merchant involved. But what happens when a payment card data breach occurs at that same business? Are its causes and consequences basically the same?
Payment Security • Point of Sale
January 29, 2019 •
A lot of data runs through your business’s network. Data is coming and going, and moving rapidly, as systems and applications “talk” and pass along information to each other. Most SMBs pay no attention to these internal workings and conversations, unless there is a functional failure that requires someone’s review of the system logs to determine where the breakdown occurred. The rapid increase in malware, however, is causing many executives to choose a more active IT security strategy.
Active Monitoring • MDR • SIEM
December 19, 2018 •
Recently I sat down with CSP Magazine technology writer Jackson Lewis to talk about the technology “arms race” retailers and law enforcement are in with skimming criminals. We refer to it as such because, like every other area of cybersecurity, there is a continual one-upping of technology going on between the good guys and the bad guys. When it comes to fuel pump skimmers, however, there may be an end in sight…
Encryption • Payment Security • Point of Sale
November 15, 2018 •
Security automation is a hot topic these days, mainly because it’s become humanly impossible to keep up with the sheer volume and variance of cyber threats hitting organizational IT networks at any given time. Even with the best security defenses in place, sooner or later an attacker is going to get through. The goal, of course, is to discover the attack and mitigate it as quickly as possible—and that’s where security automation can be extremely valuable.
Active Monitoring • MDR
November 5, 2018 •
Here at ControlScan, a big part of our day-to-day lifestyle is knocking down threats and cyberattacks for our customers’ businesses as well as our own. Cybersecurity is where we live, so sometimes we lose sight of the fact that none of this makes any sense to a non-technical person. One topic we field a lot of questions on is event correlation. Let’s take a look at what it is and how it positively impacts your cybersecurity efforts.
Endpoint Security • MDR • Ransomware
October 31, 2018 •
Once an obscure processing model for special situations, the business of payment facilitation is now burgeoning. There are many benefits to becoming a payment facilitator, including increased control over the user experience. Unfortunately, the same qualities that serve as benefits often raise the payment facilitator’s PCI risk.
October 2, 2018 •
There’s a lot of buzz in the marketplace these days around SIEM, which is Security Information and Event Management. I’ve had people tell me that their SIEM technology isn’t of much use, and others tell me that it’s critical to their business’s everyday security posture. The vast difference between those two is usually the same thing, which is how the related tools are deployed, and what the staff around them looks like.
Active Monitoring • MDR • SIEM