Our team frequently publishes security articles, whitepapers, and produces written evidence for research programmes and formal inquiries. We publish these articles below, so keep checking back!

Customer Cardholder Data Environments – What Could Go Wrong?

A good deal of Friday and yesterday was spent trying to unravel dataflows and network topography to determine the scope of a customer’s cardholder data environment (CDE).  Three interesting channels are currently under scrutiny but today’s job is to get to the bottom of an e-commerce website white labelled by […]

Read Article

QSA Inbox – Ticketmasters fine from the ICO

I love it when both of my professional worlds come together.  It should happen more often than it does, but to date it is a rarity.  That’s possibly because the PCI DSS work is managed by a totally different team with different skills than the data protection compliance management work.  […]

Read Article

Therapy patients blackmailed for cash after clinic data breach

Many patients of a large psychotherapy clinic in Finland have been contacted individually by a blackmailer, after their data was stolen. In what has been described as a “highly unusual ransomware case”, a hacker is demanding money directly from patients after an electronics patient record system in Finland was hacked. […]

Read Article

COVID-19 (Coronavirus Disease), remote working, and security considerations

With increasing numbers of staff working from home, along with new cloud and remote access services being stood-up faster than every before, now is the time to verify that your corporate data is secure.

To guide our clients through the varied risks of remote working, we maintain a dedicated team of NCSC certified security consultants.

Read Article