Did you think it would never happen? Microsoft and Linux are increasing in their ties to each other. So as we protect systems in our networks, we are increasingly incorporating Linux systems for various reasons, Web servers, specific SQL server database needs or other reasons (file sharing or other support systems). A potential threat vector … Read more
VISA had a presentation last week online to discuss this very question “PCI DSS Validation Process” We will get into the list shortly… First let’s discuss why one needs a validation process. PCI stands for Payment Card Industry and in fact the PCI standards organization is composed of Visa, Mastercard, Discover, American Express and JCB(Japan … Read more
Outsourcing is good, since we cannot specialize in everything we can focus on sales or inventory instead of mundane tasks. So what is important and what is mundane? That depends on your business… most businesses are not a software company, so obtaining software needs by outsourcing may be smart. Then the question is should you … Read more
Does the definition of unknown make measuring risk also unknown? Let’s assume a cloud account has been created on Amazon Cloud(AWS – Amazon Web Services) or elsewhere (Rackspace, Azure, or Google cloud) This cloud account will always be the Achilles heel of your Internet presence. I.e. if someone gets a hold of he main account … Read more
An interesting video from RSA Conference 2018: “There’s no such Thing as a Cyber-risk” So if you look at possible risk domains Computer Security (or Cybersecurity is not on there. Operations: errors – fraud – talent – employee engagement – safety Service Availability: capacity, resiliency, data integrity, intentional disruption Product delivery: pre-executions – release executions … Read more
