Planning PCI in the Cloud

What PCI Compliance for Cloud Data Looks Like: Challenges and Maintenance Moving to the Cloud is not as simple as “Just put it in the Cloud and we won’t have to do PCI.” The Cloud can reduce PCI Scope but it can also add to the complexity of maintaining PCI compliance. As we will discuss,… Read more »

A Look Ahead at the Security Threats Looming in 2022

What to Know, How to Prepare, and How We Got Here When 2021 began, everything from the pandemic to the economy felt uncertain. Security threats increased both as a result of those uncertainties and the ever-growing sophistication of the threat landscape.  In this post, we’ll review the events that created security threats in 2021 and… Read more »

Why Mobile Device Security Matters More Than Most Think

Mobile devices are often one of the most overlooked assets from a security perspective. Many people are under the false assumption that mobile devices “can’t get viruses”, “aren’t important”, or that they can ignore mobile updates, when in fact, these devices often store more critical data than people realize, yet statistically are barely more secure… Read more »

Tales From The Road: PCI Compliance 101: Don’t Keep your Network in the Housekeeping Storage Room

How a recent DirectDefense physical penetration test for a national hotel chain demonstrated how thousands of credit card numbers could be stolen in 4 simple steps. PCI compliance is required for any company that accept credit or debit cards, or EBTs, and security requirements are based on the number of transactions a business performs each… Read more »

The Colonial Pipeline Shutdown Demonstrates How Precarious Our Critical Infrastructure Security Really Is

Greater Security Must be Applied to all Operational Technology Systems The Colonial Pipeline shutdown, caused by a ransomware attack, highlights the precarious position of many critical infrastructures.  The effects of the pipeline cyber incident are widespread, as 45% of the U.S. East Coast relies on it for gasoline, diesel fuel and jet fuel. Several southern… Read more »

Tales From The Road: Gone’ Phishin’!

How DirectDefense leveraged the pandemic to exploit remote access security for a large corporate network through an email phishing campaign While most of the world was busy adapting to the Work from Anywhere #WFA movement that the pandemic suddenly brought on, a certain segment of the population saw a unique opportunity to get into an… Read more »