Cyber Security

The Patient and the Painter

There are two analogies I use more than any other when it comes to educating people about compliance and management; specifically risk management, as it relates to regulation, business processes and best practices. I have worked in compliance for over 10 years and in information technology (IT) for 15, and in my experience, they...

9 Reasons Why Backing Up Cloud Services are Critical

"Insert Company Here" is Not Responsible for Your Data:  While Microsoft, Google, or AWS might be responsible for keeping the cloud infrastructure services available (which makes sense), you are accountable for protecting your data which is hosted by those services. With Microsoft, this is commonly known as the Office 365 Shared Responsibility Model , which...

Does PCI DSS Apply to me?

What are the 12 requirements of PCI? Protect your system with firewalls Configure passwords and settings Protect stored cardholder data Encrypt transmission of cardholder data across open, public networks Use and regularly update anti-virus software Regularly update and patch systems Restrict access to cardholder data to business need to know Assign a unique ID to each person with computer access Restrict physical access...