With businesses holding more data than ever before, the frequency of cyber breaches can only be expected to increase. Every business that handles personally identifiable data is subject to various privacy regulations and standards, such as US government privacy standards for health information (HIPPA), industry required standards for credit card transaction data (PCI-DSS), and voluntary
Category: Security Compliance
Thanks to everyone who came by RSA to say hello! We enjoyed our time in San Francisco and talking with everyone. Ransomware and the Internet of Things dominated the conversations, but will these topics still be hot in two years? Probably not. As technology, training and awareness address current vulnerabilities, a new weak link in
You passed your PCI DSS compliance audit, that must mean your organization is safe from cyber attacks…right? Wrong. While that PCI DSS certificate is important, it is by no means a guarantee you’re secure from hackers or immune to the repercussions of a data breach. Just take a look at Target. The discount retailer was
Sometimes, it’s pure accident—a coworker innocently downloads an attachment that contains malware. Other times, it’s intentional—a terminated employee extracts sensitive company data as an act of revenge. Either way, insider security breaches can cost you and your organization dearly. In fact, insider incidents cost companies $4.3 million per year on average. Human error, negligence, and
New York Department of Financial Services (NYDFS) has enacted 23 NYCRR Part 500, a new regulation designed to establish a cybersecurity baseline for financial service companies, which went into effect on March 1, 2017. Generally speaking, this mandate applies to financial services firms such as banks and insurance companies licensed by the state of New York.
We know, we know. You merely consider PCI compliance and you’ve already hit overload. Now, while it provides a challenge, it really has improved protection in three significant ways: Improved overall security posture and reduction in costly fines and data breaches. Organizations are better prepared to detect and prevent attacks. Operational efficiency is improved when