minerva

Should I undertake PCI DSS v3.2.1 or v4.0 next?

PCI DSS applies to any merchants or service providers that process, store or transmit cardholder data (CHD), or that could impact the security of CHD. Examples of processing include any retailers taking payments at tills, mortgage brokers or accountants taking online payments, organisations with customer support taking telephone payments etc. Examples of organisations who may impact


In the hospitality sector?

The hospitality sector is a crucial part of the global economy, with millions of people traveling and staying in hotels, resorts, and other hospitality establishments every year. However, as technology continues to evolve and data becomes more valuable, the sector faces new and complex data security challenges. Let’s review the three top data security challenges


All Hail Zero Trust?

“Trust, but verify” is a Russian proverb made famous by former US President Ronald Reagan. The concept should be simple, that is: how to define trust, and decide on the level of security to apply to a situation. It is not so simple to do. Many organisations can be complex. Systems even more complex. One task of a security


It is a disaster

Let’s harden our perimeters and our systems, put great password controls in place and put in lots of technology to help with logging/monitoring. Cyber, cyber, cyber… “Cyber” is all the rage right now. When it comes to security, many businesses focus on the IT side. You have heard me say before in my other articles and I will


❓ Should your CISO, CIO or IT/Security Leaders Be Fired After A Breach?

There is a lot of pressure on those responsible for protecting the information and assets within an organisation. These could be those who hold the Chief Information Security Officer (CISO), Chief Information Officer (CIO), or similar security role. Often, security is just passed to a non-security person called the IT Manager or Chief


Information Security / Cyber Security Learning

❓ How to Know If Your Security Training Is Effective

Prevention is better than a cure. To help prevent a data breach, you need to first look at why these are happening and where. IBM’s ‘Cost of a Data Breach 2022 Report’ indicates which industries are getting attacked. Healthcare particularly gets hit hard. Not only that, stolen or compromised credentials are very costly. This was the
