By: Justin Fimlaid For a long time our industry has been saying that addressing people, process, and technology will solve some of the hardest problems in cybersecurity. The term people, process, and technology fundamentally suggests the destination and solution is...
By: Justin Fimlaid You’ve probably heard the rumors. The PCI Council is prepping to release the PCI Data Security Standard 4.0. To date the actual proposed changes have been kept private to the PCI-SSC stakeholders (so limited viewing). The PCI-SSC stakeholders...
By: Justin Fimlaid Authentication is a critical piece of any application. It’s also always the piece of security architecture that is commonly attacked, so it’s important to get it right. When we talk about authentication it’s the act of establishing that someone or...
By: Justin Fimlaid Many companies struggle to make the decision on when to hire Information Security or Cybersecurity staff. This is a collection and benchmark from 250 different companies from different industry verticals on how they choose to staff security teams...
