Cyber Security

Target Data Breach: PCI Scanning More Important Than Ever

Retailers like Target that accept bank cards are required to adhere to a strict set of standards for protecting cardholder data, the Payment Card Industry Data Security Standard (PCI DSS). It has been frequently asserted that there has never been a data breach found where the victim was PCI DSS compliant at the time of the breach.

Yet we have had significant data breaches in card payment systems; the recent breach of the point-of-sale (POS) system at Target department stores may be the largest ever. While there has been rampant speculation, we do not yet know exactly what happened in the Target data breach. One thing is certain, however: Target must have passed its last compliance review in order to be accepting bank cards.

If a company can be compliant and still be breached, what good are the standards?

We do not know if the Target data breach will reveal flaws in the PCI standards, but the larger issue here is that PCI compliance reviews provide a snapshot at a point in time, while data protection is a never-ending process. The bad guys don’t sit back and say, “Gee, that business is PCI compliant so we will stop trying.” They are relentless.

The Target data breach is stunning because of the size of the organization and the amount of data compromised, up to 40 million customers. POS data breaches generally occur in much smaller organizations, especially “mom and pop” stores that can’t afford a large IT staff of their own. They may even still view POS systems as essentially cash registers and not as networked computers, which of course they are.

In fact, the most common reason a retail POS system is breached is that the business did not even add the most basic protection of a personal firewall and antivirus scanner. Every device connected to your network requires these first lines of defense.

Given the consequences of a breach, a business should work to be compliant and secure at all times, regardless of the review requirements. In fact, the business needs to view data security broadly, as part of its IT security requirements and endpoint management, and not just as a compliance process.

For example, many POS cash registers use Windows-based systems, the most popular target for hackers. Attackers attempt to spread malware onto them the same way they do for any Windows computer.

If that was the case in the Target data breach, it could have been prevented if they were using Comodo’s Endpoint Management System with antivirus with default/deny technology. All program files that cannot be verified as safe are run in a secure virtual operating system where they cannot harm the rest of the computer.

In addition, businesses would be wise to increase the frequency of compliance and threat detection scanning beyond the PCI requirements. Comodo offers 2 great services that provide PCI compliance scanning for your web site, HackerGuardian and Web Inspector.

HackerGuardian is an on-demand, vulnerability assessment scanning solution to enable merchants and service providers to achieve PCI scan compliance. After each scan, you receive a comprehensive vulnerability report detailing any security issues with remediation advice and advisories to help fix them.

Web Inspector provides the same PCI scanning and much more. It scans your site daily for malware and continuously monitors for other threats. Importantly, Web Inspector monitors blacklist sites that list compromised web sites. If your site is listed, for any reason, on such a blacklist, search engines will block it. You lose customers because they can’t find your site.

Source: https://blog.comodo.com/e-commerce/target-data-breach-pci-scanning/

Cyber Security

Airgain unveils extended portfolio of 5G OMNIMAX Dipole series antennas for M2M and IoT apps

Airgain announced the release of its OMNIMAX Next Dipole antennas, the latest addition to Airgain’s 5G product portfolio designed to deliver ultra-wideband connectivity for 5G NR sub-6GHz IoT and M2M applications.

The OMNIMAX Next Dipole series includes 5G NR sub-6GHz products for low profile and shock resistant outdoor applications, including “salt shaker” style antennas, indoor dipole “paddle” antennas, and outdoor “candlestick” dipole antennas.

Each product is designed to blend into the environment, with flexible mounting options while providing ultra-wideband connectivity for virtually any indoor or outdoor cellular module, modem, or gateway. The 5G ready OMNIMAX Next Dipole series provides future-proof performance, with backward compatibility from 5G to 4G and 3G global frequency bands.

“Supporting sub-6GHz 5G, particularly the lower bands approaching 600MHz, is challenging for the form factors of these products,” said Kevin Thill, Airgain’s Senior Vice President of Engineering.

“These antennas achieve excellent broadband performance without compromising the form factor, while outperforming competing solutions that we have seen in the market today. These antennas feature a unique and patent pending Coplanar Waveguide feed, which is key to enabling the ultra-wideband performance in the given form factors.

“We are excited to offer the expansion of our product portfolio of 5G ready antennas designed to accommodate wider bandwidth requirements demanded by 5G. The OMNIMAX Next Dipole series provides a cost-effective solution while delivering dependable quality.”

Building on Airgain’s antenna design expertise of CENTURION Next, the industry’s first 9-in-1 5G and Wi-Fi 6 fleet antenna, the OMNIMAX Next Dipole series includes 617 MHz to 6 GHz wideband cellular 5G support. OMNIMAX Indoor Dipole Next, OMNIMAX Outdoor Dipole Next, and M2M SN Next are available through our trusted channel partners or direct at 1-855-AIRGAIN.

Source: https://www.helpnetsecurity.com/2020/07/09/airgain-omnimax-next-dipole-antennas/

Cyber Security

You Are The Weakest Link

Tom Finan on human imperfection and cyber security culture




A craftsman never blames their tools. It is not the systems that ultimately fail cyber security professionals; it’s the people. Insider threats do abound, but more often than malfeasance, misfeasance is the key to a breach. It wasn’t the firewall that failed Capital One, it was a misconfiguration. Tom Finan dives in on culture vs. strategy, quoting both Peter Drucker and…Barbra Streisand.

Episode Overview

COVID-19 has changed 2020 in unprecedented ways in how we work, live our lives, and measure cyber risk. Listen to Episode #141 of Task Force 7 Radio as the Cyber Growth Leader from Willis Towers Watson, Tom Finan, and Co-Host Andy Bonillo dive into how the “Cyber Security Superheroes” are working together to manage the human element during the pandemic. As claims data shows, effective cyber risk prevention and mitigation is largely a people problem. In response, companies need to assess and analyze the elements of their cultures that shape both positive and negative cyber attitudes and behaviors that make the human element one of the largest risks to a company.

Listen Now

Source: https://www.cshub.com/executive-decisions/articles/you-are-the-weakest-link

Cyber Security

Axio360 platform to provide holistic view and identify financial impact of risk for Archer’s clients

Axio announced a strategic partnership with cybersecurity consulting firm Archer. This partnership will merge Archer’s expertise in critical infrastructure protection with the Axio360 platform and allow clients to measure cyber risk exposure in financial terms and manage their cybersecurity program from a holistic point of view.

The Axio360 platform will assist Archer’s clients in identifying cyber risks across business units and threat vectors that may not have previously been considered. The platform estimates all-in costs of exposure and evaluates how specific controls and mitigations will reduce risk.

“The Axio platform was built to fundamentally redefine how organizations solve cybersecurity problems. Our intention is to enable business-centric decision-making by putting the risk in financial terms,” said Brendan T. Fitzpatrick, Senior Vice President of Channels & Partnerships for Axio.

“Our operating system aligns all key constituents and delivers clarity in real-time. This partnership with Archer allows our software to make critical infrastructure safer and more secure.”

“This partnership allows our asset owners to receive tailored recommendations from Axio and our dedicated team. For the first time, our clients will be able to measure their cybersecurity program and benchmark it across their industry peers,” stated Patrick C. Miller, Managing Partner for Archer.

“This collaboration will help the overall assessment and understanding of cybersecurity risk for critical infrastructure.”

Axio360’s methodology and software empower organizations to continuously answer the four most critical questions for cyber risk:

  • What’s my exposure in financial terms?
  • How should I manage my cyber program?
  • Do I have the financial ability to recover?
  • Where should I invest?

Source: https://www.helpnetsecurity.com/2020/07/09/axio-archer/
