Successful mitigation of today’s security threats requires an approach that is both on the offensive and on the defensive. Here, we give our take on how to approach and handle specific security challenges, as well as our reaction to some of the latest industry topics.
01.05.22What PCI Compliance for Cloud Data Looks Like: Challenges and Maintenance Moving to the Cloud is not as simple as “Just put it in the Cloud and we won’t have to do PCI.” The Cloud can reduce PCI Scope but it can also add to the complexity of maintaining PCI compliance. As we will discuss,… Read more »
12.09.21What to Know, How to Prepare, and How We Got Here When 2021 began, everything from the pandemic to the economy felt uncertain. Security threats increased both as a result of those uncertainties and the ever-growing sophistication of the threat landscape. In this post, we’ll review the events that created security threats in 2021 and… Read more »
07.26.21Newsflash: Most networks utilized for Supervisory Control and Data Acquisition (SCADA) were not designed to be secure. Yes, you read that correctly. Kind of a scary thought, especially when your municipal water utility is reliant on this SCADA network to ensure the availability and safety of the drinking water supply! This is why the management… Read more »
07.19.21Mobile devices are often one of the most overlooked assets from a security perspective. Many people are under the false assumption that mobile devices “can’t get viruses”, “aren’t important”, or that they can ignore mobile updates, when in fact, these devices often store more critical data than people realize, yet statistically are barely more secure… Read more »
07.01.21Tighten Cybersecurity Controls Before the Next Ransomware Attack Comes to You Food production is highly regulated by the Federal Food & Drug Administration (FDA) and U.S. Department of Agriculture (USDA) to ensure food safety. However, the computer systems that are used to accomplish and maintain food safety processes don’t fall under the purview of those… Read more »
06.17.21How we identified serious vulnerabilities in a client’s web app that would allow bad actors to view confidential information.
06.03.21The recent ransomware attack at meat processor JBS SA proves the need for a business continuity and disaster recovery plan.
05.18.21How a recent DirectDefense physical penetration test to test PCI compliance demonstrated how credit card data could be easily stolen.
05.13.21The Colonial Pipeline shutdown should be seen as a serious incident pointing to the precariousness of critical infrastructure security.
05.11.21How DirectDefense leveraged the pandemic to exploit remote access security for a large corporate network through an email phishing campaign While most of the world was busy adapting to the Work from Anywhere #WFA movement that the pandemic suddenly brought on, a certain segment of the population saw a unique opportunity to get into an… Read more »
