The security function has often been at odds with the rest of the business. While the latter guns for growth, CISOs have historically been seen as more interested in managing cyber risk than supporting their colleagues. Sometimes this can lead to direct conflict. A 2024 report claims that 79% of ... Read More

Data is both blessing and curse to the modern enterprise. Yes, when analyzed effectively it can surface intelligence to improve decision making, customer engagement, process efficiency and, ultimately, drive revenue. But it also represents a major business risk. It can be stolen, corrupted, and held to ransom—causing potentially significant damage ... Read More

The deadline for PCI DSS 4.0 has been and gone. But it’s never too late to advance compliance plans. It’s not just about avoiding potentially large fines and other penalties. Following the standard to the letter helps ensure organizations are adhering to industry best practices, devised by some of the ... Read More

With the deadline for PCI DSS 4.0 compliance just around the corner, it’s decision time for organizations. For many, compensating controls are a godsend, introducing a degree of flexibility into what is otherwise a rigorous, demanding and heavily detailed standard. But while this approach can be a useful means of ... Read More

The Payment Card Industry Data Security Standard (PCI DSS) has always been considered one of the most prescriptive industry mandates around. And well might it be, given what’s at stake. As breach volumes surge and threat actors find it ever easier to bypass traditional cyber-defenses, the card industry must ensure ... Read More

When threat actors get their hands on legitimate corporate credentials, it makes blocking unauthorized intrusions far more challenging. Yet that’s exactly what’s happening across the globe, thanks to the growing popularity of infostealer malware. The result is to feed the criminal supply chain with stolen data—fuelling follow-on fraud for customers ... Read More

PCI DSS 4.0 was designed 20 years ago to help reduce the risk of major breaches of card data at financial services firms, retailers and others that store, process and transmit this information. As the emergence of AI tooling and a sophisticated cybercrime supply chain tilt the advantage in threat ... Read More

Data breaches reached a record high in the US last year, impacting over 350 million individuals. According to one estimate, financial services firms suffered the second highest total of breaches in 2023: 744. It’s not hard to imagine why. In many cases, threat actors will have been focused on targeting ... Read More

Valid card data is highly sought-after on the cybercrime underground. In fact, it’s helping to drive a global epidemic in payment fraud predicted to reach $40bn by 2026. In a bid to stem losses, the card industry created the Payment Card Industry Data Security Standard (PCI DSS) over two decades ... Read More

The life of a CIO is not dissimilar to that of a trapeze artist. The reason we’re able to soar so high is because of the safety net beneath. Remove that, and the whole show comes crashing down to the ground. In a similar way, the only way we can ... Read More