Resources

How to Stop Your Employees Falling Victim to Shipping Notification Scams this Holiday Season
Blog

How to Stop Your Employees Falling Victim to Shipping Notification Scams this Holiday Season

Tue, 11/24/2020
With Black Friday, Cyber Monday, Thanksgiving, and the Christmas holidays fast approaching, cyber criminals are working round the clock to create new scams, such as the shipping notification scam, to phish for private information and commit identity fraud. As many employees will be shopping online during working hours, cyber security leaders need to educate employees on phishing threats and teach...
Cyber Threats
Phishing
Data Security
7 Cyber Security Tips for Retailers
Blog

7 Cyber Security Tips for Retailers

Thu, 11/19/2020
The holiday shopping season presents a target-rich environment for cybercriminals. In fact, as per the 2020 Trustwave Global Security Report, the retail industry is the most targeted sector for cyber attacks for the third year running. An increasing shift to a digital environment—a change due in no small part to the COVID-19 pandemic—isn’t making data protection easier for retailers either. ...
Data Security
Blog

Governance and Information Security

Thu, 02/13/2014
Information security governance is a subset of corporate governance and can complete or encompass the governance of information technologies. It directs or strategically aligns information security activities and ensures that the company’s business objectives are reached. It also guarantees that information security risks are adequately managed and that information resources are used responsibly. ...
Compliance
Blog

Business Continuity Management Program BCM (part 2)

Tue, 09/17/2013
As a follow up to the Business Continuity Management program article, here is a more detailed description of the development and implementation phase objectives and content of the Business Continuity Plan (BCP) for major incidents. This plan is in fact a set of plans which is comprised of the following main components: Emergency action plan and damage assessment This is a response plan to deal...
Compliance
Blog

Supplementary guide to achieving PCI-DSS compliance cloud computing

Tue, 05/28/2013
Cloud computing services require special attention in regards to information security and privacy. This is especially important when using credit card data while cloud computing in order to meet PCI-DSS ("Payment Card Industry – Data Security Standard") standards. To this end, the SSC ("Standard Security Council") published a document entitled “Information Supplement: PCI DSS Cloud Computing...
Cloud Security
Compliance
Blog

Secure information destruction

Tue, 04/09/2013
What is the value of the information stored on your computer equipment or paper documents? What would the impacts be if your personal or confidential information fell into the wrong hands (e.g. financial loss, loss of image / reputation, regulatory or legal non-compliance)? Can you be certain that a proper destruction method was used on the information (whether in digital or paper form) to ensure...
Data Privacy
Data Security
Security Awareness Training