In the earliest days of what could be considered cybersecurity, the primary threats were malicious programs that would operate against the wishes of the machine and its operator. These programs, referred to as viruses, served as the progenitors of what we generally refer to in modern parlance as malicious software or “malware.”

Because the long history of malware and anti-malware protection is often the foundation of most compliance frameworks and approaches to cybersecurity, we’re touching on the topic, including what it is and how it has evolved. 

Read More

The public and private sectors have been increasingly under assault by hackers looking to take information–whether for espionage, blackmail, or profit. And while some of the past few years’ high-profile government and industrial attacks have been at the center of many cybersecurity stories, the reality is that hacks in the retail and consumer spaces have been incredibly impactful.

In fact, some of the largest data breaches have been due, in part, to a lack of compliance with PCI DSS standards… and this presents a major challenge for merchants and payment processors who want to protect their customers’ information. 

Here, we’ll cover three major security breaches related to PCI DSS compliance and what you can learn from them.

Read More

In April 2022, NIST stopped accepting applications for validation certificates for the FIPS 140-2 standard of security in lieu of the updated FIPS 140-3. While many companies are still waiting for their FIPS 140-2 certification (if they got their application in before the April deadline), many are now considering adopting the new 140-3 standard. 

But, to understand the new standard, it’s important to understand the old. FIPS 140-2 has been the NIST standard for cryptography for almost two decades, and its impact will still be felt for years to come. 

Read More