What Are NIST Principles for Trustworthy Secure Design?


In today’s interconnected world, IT system trustworthiness has become an essential cornerstone for critical infrastructure’s seamless and secure functioning. As governments, enterprises, and industrial organizations rely on complex digital systems, the trustworthiness of these systems must be measured and maintained. 

The need for trust in IT systems has been magnified by the rapid adoption of emerging technologies such as artificial intelligence, the Internet of Things (IoT), and cloud computing, which have introduced new layers of complexity and vulnerability. 

Here, we discuss trustworthiness from the perspective of the National Institute of Standards and Technology (NIST), along with the challenges and strategies for achieving IT system trustworthiness. We explore the technologies, methodologies, and best practices that organizations can employ to safeguard their digital assets and instill confidence in their stakeholders.

 


Cybersecurity and Malicious Software: A History of Malware


In the earliest days of what could be considered cybersecurity, the primary threats were malicious programs that would operate against the wishes of the machine and its operator. These programs, referred to as viruses, served as the progenitors of what we generally refer to in modern parlance as malicious software or “malware.”

Because the long history of malware and anti-malware protection is often the foundation of most compliance frameworks and approaches to cybersecurity, we’re touching on the topic, including what it is and how it has evolved. 

 


What Are PCI DSS Future-Dated Requirements?


The good news? PCI DSS 4.0 is out, but the adoption schedule for the new standard is quite generous. The better news? The PCI Security Council has decided to implement a tiered approach to adoption. The first tier will finalize when the previous version (3.2.1) is officially retired in 2024. The second, known as the “future-dated” requirements, will have an additional year.

This article will cover the future-dated requirements from PCI DSS version 4.0.

 
