Quick Intelligence Blog

(Image courtesy Trend Micro)

Compliance means: to conform by fulfilling requirements. In cybersecurity, compliance refers to fulfilling specific cybersecurity requirements, outlined by a governing body. In other words, government organizations, committees, and regulatory boards develop requirements (together called standards) outlining a baseline of cybersecurity protocols. For example, a requirement might be that organizations MUST have password restrictions in place, such as length, repetitiveness, and level of difficulty.

Is there such as thing as “just enough” cybersecurity? This is a question businesses have to ask themselves. Most organizations know that they need cyber security, but they don’t know how much security they need, they don’t know what to secure, or how to do it.

The Cybersecurity threat landscape is constantly changing. It makes sense that your cybersecurity policies and procedures need to be updated regularly to address these changes. Couple that with the quickness of how the workplace is also evolving shows the need to update policies often.

The biggest area of economic growth during the COVID-19 pandemic was eCommerce. A press release issued by ACI Worldwide reported that most retail sectors saw a 74% rise in online sales in March of 2020 compared to the same period in 2019. This growth is great; however, it could lead to issues if online businesses do not take the appropriate cybersecurity measures. The following 3 cybersecurity issues can adversely affect your eCommerce business.

They say a fence is only as strong as its weakest link, that holds true with cyber security as well. With most companies outsourcing services to companies like yours (and ours!), what we do to protect ourselves directly impacts the overall cyber security postures of our customers.

Privacy and security go hand in hand. Cyber security focuses on protecting the information from unauthorized access, while privacy focuses more on protecting the contents of the information and ensuring it isn’t accessed or shared inappropriately. Both businesses and individuals have an expectation of privacy when they trust another business with their data.

A new survey by the Canadian Internet Registration Authority (CIRA) says that nearly 70 per cent of Canadian organizations facing a ransomware attack last year paid the demands to avoid downtime, reputational damage and other costs. The interesting thing is that when they asked cyber security professionals if they supported legislation to make ransomware payments illegal, 64% said yes.

So, you are a small business owner, and are about to land your first big client. Everything is going well, but before they sign the contract, they hand you a cyber security questionnaire. Now the panic sets in. Does this sound familiar?

PCI compliance, or Payment Card Industry compliance, is a set of standards created to ensure that when business take credit card payments online, they do it in a secure manner, minimizing the risk of credit card theft. The PCI Council creates the rules (there are ~150 of them) which dictate everything from firewall configuration to security protection on devices used to store, process, or transmit credit card data.