Blog, Risk & Assurance

Ecommerce Security and PCI DSS compliance – Encouraging security awareness, Part 2

by Natasja Bolton, Acquirer Support Manager, Risk and Assurance Division In part 1 last week, I discussed how businesses may be putting themselves at risk by assuming that ‘PCI DSS compliant’ also meant secure, (for part 1 please click here). Maybe what we should be doing is encouraging businesses to focus less on compliance as an annual […]

Articles, Blog, Risk & Assurance

Understanding the significance of Operations Security (OPSEC) in a fast evolving threat landscape

by Dr. Grigorios Fragkos, Senior Information Security Consultant, SysnetLabs It is not the first time a military term is being used by the Information Security community in order to describe an Information Assurance process. Operations Security (OPSEC) is a military term referring to the protection of different types of unclassified information which could end up […]

Blog, Risk & Assurance

The LogJam attack vulnerability – what you need to know

Logjam attack, a vulnerability that affects a number of major protocols has been discovered. The bug relates to a weakness within a cryptographic algorithm that is used in most protocols (such as HTTPS, SSH, IPsec, SMTPS, etc.) it is possible for a Man-in-The-Middle (MiTM) attacker to read and modify any data passed over the affected encrypted communication. A […]