Resources

Our team frequently publishes security articles, whitepapers, and produces written evidence for research programmes and formal inquiries. We publish these articles below, so keep checking back!

Customer Cardholder Data Environments – What Could Go Wrong?

A good deal of Friday and yesterday was spent trying to unravel dataflows and network topography to determine the scope of a customer’s cardholder data environment (CDE).  Three interesting channels are currently under scrutiny but today’s job is to get to the bottom of an e-commerce website white labelled by […]

Read Article

QSA Inbox – Ticketmasters fine from the ICO

I love it when both of my professional worlds come together.  It should happen more often than it does, but to date it is a rarity.  That’s possibly because the PCI DSS work is managed by a totally different team with different skills than the data protection compliance management work.  […]

Read Article

Therapy patients blackmailed for cash after clinic data breach

Many patients of a large psychotherapy clinic in Finland have been contacted individually by a blackmailer, after their data was stolen. In what has been described as a “highly unusual ransomware case”, a hacker is demanding money directly from patients after an electronics patient record system in Finland was hacked. […]

Read Article

COVID-19 (Coronavirus Disease), remote working, and security considerations

With increasing numbers of staff working from home, along with new cloud and remote access services being stood-up faster than every before, now is the time to verify that your corporate data is secure.

To guide our clients through the varied risks of remote working, we maintain a dedicated team of NCSC certified security consultants.

Read Article