In May, IBM and Ponemon Institute released a study on the cost of a data breach, and found startling statistics: Average cost per lost record is $217. Average total cost of a data breach is $6.5 million. And, as if the one-two punch of monetary and reputation loss a data breach hits you with is […]
Criminals steal sensitive data for a living.
On July 19, well-known security blogger Brian Krebs reported that the online cheating site AshleyMadison.com had been compromised. A group known as The Impact Team released a cache of data stolen from Avid Life Media (ALM), the parent company of Ashley Madison and two other hookup sites, Cougar Life and Established Men. The data released […]
Over the years we’ve spent working in the data security industry, we’ve talked to countless QSAs, and to companies that have had QSAs audit them. Observing from a neutral perspective, it became clear to us that how quickly a company can attain PCI compliance (or how quickly it can get secure) is dependent on the quality […]
In just a little over a month, Windows will end its support for Windows Server 2003. If your server is one of the millions still running the platform, it’s time to abandon ship. Why does this matter? Because if any new vulnerabilities or exploits are discovered for the platform, big brother Windows is not going […]
Visa has hosted security summits in the APAC region for 11 years now, and while much has changed, some topics remain as relevant as ever.
The Verizon DBIR is one of the annual scriptures read by data security enthusiasts worldwide, and this year’s offering is no different. The report is packed with meticulously gathered, mind-blowing statistics, yet presented in a light-hearted tone with pop culture references ranging from gangster rap to Disney musicals. Here are a few highlights […]
A middle schooler in Florida has been charged with offense against a computer system and unauthorized access (a felony charge). What the middle schooler did sounds akin to a hacker infiltrating his school’s extremely secure network by executing a high-level brute force attack. Following that, he conducted an ideologically driven cyberattack designed to inflict trauma […]
What’s the main change in PCI DSS 3.1? The way we transmitted data securely on the internet using SSL encryption is no longer considered secure due to recently found weaknesses. As a result, the PCI DSS has been updated to remove SSL from its definition of Strong Encryption, which is required to keep data safe. […]
Data breaches are happening every day. Companies worldwide are losing large amounts of sensitive data to hackers, who can turn a pretty penny selling credit card numbers and healthcare information on the black market. The problem here is, many of these companies are trying to keep their hacks out of the evening news, and this […]
Last week, I received this email from Twitch.tv, a popular livestreaming service for gamers. The first thought that popped into my head was “I’m not even mad, just disappointed”. (The second thought was that I am slowly sounding more and more like my Dad, but that’s irrelevant.) Data breaches are a definite scourge of the […]