For a long time, the domain of specialised technology teams within organisations resulted in siloed IT operations and risk being kept away from the wider business. Cybersecurity a topic gaining attention around Exec and Board tables in today’s digital world. Terms like cyber activism, ransomware, and cyber terrorism haven’t been around all that [...]
A criticism often aimed at Payment Cards Industry‘s (PCI) Data Security Standard (DSS) is that it sets the bar too high. Often security practitioners find fault in the way that PCI DSS does some things (minimum password lengths anyone?). The truth is probably somewhere in between these two extremes. There are parts of PCI [...]
We all know that 2020 brought a lot of uncertainty and changes to the way that we do things. And while some of that is not going to change in 2021, we thought this was a good time to look forward to what we expect for 2021 in the payments industry and how [...]
You may have heard something about the Privacy Act being updated. There's lots in the news these days about privacy, including new laws being passed which protect customer data: GDPR (EU General Data Protection Regulation) from 25th May 2018 CCPA (California Customer Privacy Act) from 1st January 2020 PDPB (India Personal Data Protection [...]
More and more stores are moving online. Whether that was part of your plan or something that you've recently decided to do, it's important to make sure that you protect your customers' data. That means you need to take steps to secure your online store. In this article, we want to focus on [...]
We are seeing a lot of trends where organisations are moving to the cloud. If you haven’t moved to the cloud, you’ve probably been asked about it by at least one person in your organisation. The biggest players that we see in the cloud space are: Amazon Web Services [...]
New Zealand is starting a period where lots of people are going to be working from home because of COVID-19. For some of us, it’s temporary; for others it may be (or become) a normal way of working. With this massive shift in how we are having to work for a period of time, we [...]
Automated penetration testing (pen-testing) is an up-and-coming approach that aims to address the issues businesses face with more traditional approaches to pen-testing, which relies almost completely on the skill and experience of pen-testers and the budget and timeframes applied to the pen-testing engagement. […]
Every year, Verizon publishes a report on PCI DSS and the key findings from the year. 2019 was no different. One of the most interesting findings of this report is how few organisations have a programme in place to measure the maturity of the PCI compliance program. Approximately 60% of organisations that were surveyed did [...]
