Consequences of Not Maintaining PCI Compliance

Posted by Mohan Shamachar on Apr 18, 2018 11:56:25 AM

 Why must a payment card processing entity comply with PCI DSS Standard?

Before we answer the question above, let’s take a look at the means and motives for a threat actor to act maliciously against any business. The most common motives are money, business records and sensitive data, design plans, business plans, medical records, legal records, business reputation and others.

Read More

Topics: risk management, rsi, cybersecurity, PCI, PCI DSS Requirements, PCI Audit, PCI Compliance Fee

Can card verification codes be stored for recurring autopay transactions?

Posted by RSI on Apr 18, 2018 11:33:23 AM

Life in 2018 is busy. I know, I’m right in the thick of it. The thing that just nags the most? Bills. Call me crazy, but I still make payments manually on a regular basis. Then there are some payments I just leave to the autopay overlords. As much as I like being in control, there’s something satisfying about having that bill paid on it’s own. A small amount of pressure swept away from a busy life.

Read More

Topics: risk management, rsi, cybersecurity, PCI, PCI DSS Requirements, Storing Credit Card Information, PCI Compliance Credit Card Storage, Credit Card Verification

Who Must Comply with PCI standards?

Posted by RSI on Apr 11, 2018 2:48:55 PM

Staying on top of the latest in rules and regulations as a business owner is of paramount importance to the long-term viability of your organization. You know it is, yet you find that you become a deer in the headlights when tasked with needing to be compliant when accepting credit card transactions.  Where do you start? Do you really need to be compliant? What happens if you’re not compliant? Thankfully, this article is your one-stop-shop for the answer to these questions and a myriad of others you may have regarding PCI (Payment Card Industry) DSS (Data Security Standard) compliance. Dive into the topic in greater detail by absorbing this guide that investigates current and future PCI DSS cardholder regulations and requirements, who they apply to, and what you can do to keep your client’s cardholder data safe from the constant threat of data breaches.

Read More

Topics: risk management, rsi, cybersecurity, PCI, PCI DSS Requirements

GDPR Compliance - An essential guide to personal data security

Posted by Mohan Shamachar on Mar 13, 2018 8:03:00 AM

In this age of digital transformation, the upcoming EU General Data Protection Regulation (GDPR) sets a new bar for privacy rights, security, and compliance.

Read More

Topics: compliance, risk management, pii, GDPR

SamSam shows up again with a ransom note

Posted by Mohan Shamachar on Mar 5, 2018 10:20:22 AM

Last week, the Colorado Department of Transportation was hit with the SamSam ransomware forcing it to shut down 2000 computers across its system. Believed to be a new variant of the previous SamSam ransomware, according to Talos Intelligence at Cisco, this ransomware has been observed across multiple industries including Government, Healthcare and ICS. These attacks do not appear to be highly targeted, and appear to be more opportunistic in nature. As we all know these ransomware can cripple critical systems such as those in the healthcare services impacting patients across the world.

Read More

Topics: Hacking, compliance, risk management, Cyber Attacks

International Bank Cyber Heist via SWIFT...again...

Posted by Mohan Shamachar on Feb 22, 2018 9:37:47 AM

India’s City Union Bank, a small private lender, said on Feb 18, 2018 that “cyber criminals” had hacked its systems and transferred nearly $2 million through three unauthorized remittances to lenders overseas via the SWIFT financial platform. Chief Executive Officer N. Kamakodi called it a “conspiracy” involving multiple countries, and added the lender was still investigating how it had happened. The bank had discovered the three “fraudulent remittances,” which were sent via correspondent banks to accounts in Dubai, Turkey and China.

Read More

Topics: Hacking, compliance, risk management, Cyber Attacks

Taking the Pulse of Healthcare Cybersecurity in 2018

Posted by Eric Haruki on Feb 20, 2018 8:43:56 AM

Has the Healthcare industry truly learned anything from the 2015 Anthem breach?  

Judging by the results of the latest Security Scorecard report, the industry is still unprepared to face existing and known Cybersecurity risks, let alone counter emerging risks presented via expanded mobile and IoT threat vectors.  Security Scorecard collected data from 1,200+ Healthcare companies and 1) found how the industry performs relative to other major U.S. industries and 2) uncovered absolute weaknesses within Healthcare organizations.   

Read More

Topics: HIPAA, Healthcare Cybersecurity

Cyber attacks at the 2018 PyeongChang Winter Olympics

Posted by Mohan Shamachar on Feb 14, 2018 8:59:34 AM

A cyberattack paralyzed internet networks at the opening ceremony of the 2018 Pyeongchang Winter Olympics. Several U.S. cybersecurity firms have uncovered a computer virus named Olympic Destroyer that was likely used in an attack.

Read More

Topics: Hacking, Cyber Attacks, 2018 PyeongChang Winter Olympics

PIN on Glass - Intro, Benefits, Obstacles

Posted by Eric Haruki on Feb 12, 2018 1:41:51 PM

What is Pin on Glass - Background & PCI regulations

The PCI Security Standards Council (PCI SSC) recently announced a new security standard for consumer PIN entry on commercial off-the-shelf devices (COTS).  The new software based PIN Entry (SPoC) Standard provides a software-based approach (vs. entering a PIN on a “hardware” keypad) for securing PIN data entry on a diverse array of touchscreen COTS devices in the market today, such as a smartphones or tablets.

Read More

Topics: PCI, Pin on Glass

Blockchain and You - A primer on the underlying technology that makes Bitcoin possible

Posted by Eric Haruki on Jan 25, 2018 8:47:52 AM

 Intro

Given the media attention on Bitcoin’s daily value gyrations, it’s easy to be distracted away from the technology that makes the cryptocurrency (and its ilk) possible.  Today’s blog isn’t to debate the true value or future of Bitcoin, but rather to examine Blockchain, the protocol that enables Bitcoin’s “currency sovereignty”, along with a host of other possible applications.  

Read More

Topics: Blockchain Technology, Bitcoin

RSI is the nation's premier information security and compliance provider dedicated to helping organizations achieve risk-management success.

Subscribe to Email Updates

Recent Posts

Posts by Topic

see all