by Joshua Jones | Feb 16, 2023 | Compliance, cybersecurity, PCI DSS 4.0
Today, let’s look at changes made to Requirement 2 for PCI DSS 4.0. Requirement 2 Changes: In Requirement 2, we will find our first new PCI DSS control for 4.0. In 3.2.1, the 2.x controls did not require roles to be defined. While role definition...
by Joshua Jones | Oct 25, 2022 | Compliance, cybersecurity, PCI DSS 4.0
Now that you are looking at your timeline, you may be wondering how you can get from where you are now, a sage of PCI DSS 3.2.1, to where you will need to be by 2024. The PCI DSS 4.0 Summary of Changes: Using the PCI DSS Summary of Changes document, you can...
by Slade Griffin | Sep 6, 2022 | cybersecurity, penetration testing, Uncategorized
We are constantly updating and evolving our deliverables in an effort to provide more context around our security services. With that in mind, we have been tracking some metrics since 2020 that allow us to see why organizations remain vulnerable to compromise. One of...
by Andrew Nash | Aug 3, 2022 | cybersecurity, penetration testing, Uncategorized
“Hacking” isn’t magic, but sometimes it is presented that way. Much of penetration testing and “hacking” is learning the tools of the trade and how they work “under the hood.” In this series we hope to provide a high-level overview of common...
by Terence Martin | Jul 19, 2022 | cybersecurity, penetration testing
On a recent engagement, the client I was assessing had a relatively strong security posture. None of the old standby attacks were working. The client had disabled LLMNR and WPAD based on a previous security assessment, and all the client’s Windows machines were...
by Kevin Thomas | Jun 17, 2022 | cybersecurity, incident response
The most recent Cost of a Data Breach Report (Ponemon 2021) found that “Lost Business Cost” represented the largest percentage (38%, or $1.59M) of the $4.2M average cost of a data breach. One of the key contributors to the “Lost Business Cost”, along with the cost of...