by Omega | May 2, 2017 | Risk Assessment
Risk assessment and risk management (PCI compliance requirements 10.6.2 and 10.6.3) are two controls usually shoved off to the end of a Qualified Security Assessor (QSA) audit or Self-Assessment Questionnaire (SAQ) process. Even as late as 2015, organizations considered...
by Omega | Mar 31, 2017 | Cyber Security, Data Breach, Social Media
Hackers tend to be extra active on April 1st. So, things you’d watch out for are: Email attachments from friends, contacts, colleagues… basically everyone. Hackers like this simple channel. Email links within the mail. Pay close attention to the URL on the links....
by Omega | Mar 30, 2017 | Distributed Denial of Service
A distributed denial-of-service (DDoS) attack refers to flooding a server with junk requests until it fails to respond to legitimate ones. Similar to spam, which costs pennies to send millions of messages, DDoS attacks are cheap to launch, but the impact on...
by Omega | Mar 26, 2017 | Data Breach, Data Security, Skimming
Gas Pump Skimmers: Have you noticed a red tape/seal similar to the one in this picture at your gas station pumps? This is a simple sticker across the top of the card reader covering a key slot. If the sticker is torn, it’s a warning to users and indicates an...
by Omega | Mar 24, 2017 | Data Breach, Data Security, PCI DSS 3.2
In late 2015, the FTC concluded its lawsuit with Wyndham, settling the litigation pertaining to whether their data security policies led to data breaches. The settlement shows that the FTC analysis of whether data protection efforts are reasonable will be dependent on a...
by Omega | Mar 12, 2017 | PCI, PCI DSS, PCI DSS 3.2
We are now well into the year and spring is almost here. The nagging PCI compliance pain is starting to reappear. So, retailers: Where would you begin? Here’s a list of things that can help you check off some important milestones, but you need to get cracking...
by Omega | Feb 9, 2017 | Managed Security Service Provider
Every CFO knows about “cost creep”: the slow buildup over time of third-party vendors and staff to manage programs that contribute to margin erosion. Nowhere in an organization has cost creep become more cannibalistic than data security. With each new threat, or...
by Omega | Jan 23, 2017 | Data Security, PCI DSS 3.2
Electronic transactions are a retailer’s lifeblood. If the data they hold is breached, there are consequences. Understanding the consequences is the first piece of the puzzle to understanding where PCI Compliance Return on Investment (ROI) comes from. ROI comes...
by Omega | Dec 14, 2016 | Cyber Security, Data Breach, Data Security, PCI DSS 3.2, Security Strategist
The PCI Council recently released new guidance and standards concerning segmentation.[1] This is excellent guidance and Omega recommends you read the entire document, but for purposes of this blog we’d like to highlight some interesting bits from the guidance...
by Omega | Dec 6, 2016 | Cyber Security, Data Breach, Data Security
On opening this piece, you’re probably thinking, “here’s one more article related to cyber crime and a few more tips on protecting your data.” Sometimes, the information overload on cyber security makes the process of securing data seem more complex...