New PCI – Payment Card Industry Standards in 2019

A new Secure Software Requirements and Assessment Procedures was released v1.0 on Jan 2019. So if you are developing software for the Payment card industry either for an application on a website or for a retail location you have a new framework and software requirements standard. Developing software to capture credit card information (and use … Read more

IoT, IT and OT Merging and Needs Integrated Defense

First of all what is the alphabet soup: IoT, IT and OT? Internet of Things, Information Technology, Operational Technology are explained best in the sans.org white paper: https://ics.sans.org/media/IT-OT-Convergence-NexDefense-Whitepaper.pdf Operational Technology (OT) consists of hardware and software systems that monitor and control physical equipment and processes, often found in industries that manage critical infrastructure, such as … Read more

Stopping Social Engineering Attacks No, Slow Down Yes!

Elements of an Attack: From the article at TechNewsWorld. Social Engineering is equivalent to scammers trying all types of methods to gain information or money. What does it mean to have an image above that shows many possible Social engineering attacks? Let’s list them: Techniques Phishing Pretexting Baiting Quid Pro Quo Compliance principles Friendship or … Read more

October is Cybersecurity Awareness Month

In a year of many problems and issues the Department of Homeland Security decided to make October the National Cyber Security Awareness Month (NCSAM) since 2003. https://www.dhs.gov/national-cyber-security-awareness-month   The Theme is Own IT. Secure IT. Protect IT. Own IT is reminding you to travel with cybersecurity in mind (at least some of the time), Social … Read more