Security, Cybersecurity, Security Consulting, Information Security, Digital Business transformation, RSP

Baking Cybersecurity into Your Digital Transformation

You have to transform. Competition is fierce. Business is changing. Customers expectations are increasing. Technology is advancing and making things we only dreamed about 5 years ago a reality.

Can you truly embrace digital transformation while maintaining the security posture of your organization?  You can. 

But you have to start with the right ingredients.

Read More
By Steve Levinson on Oct 2, 2019 2:01:03 PM
Security, PCI, Cybersecurity, InfoSec, DSS, PCIDSS4.0, PCI Community

Notes from the 2019 PCI Community Meeting

The Online Team and I had a great time at the PCI Community meeting last week, set in the spectacular environs of Vancouver BC. We ate and drank, pontificated, watched ferries and seaplanes come into the harbor (my inner 8-year old self couldn’t resist and I booked a flight out on one), and had a generally spectacular time networking with old and new friends in the payment security space.  While there were far too many interesting presentations and conversations to put into one place, I had a few takeaways that I felt were worth sharing. In no particular order:

Read More
By Tony Fulda on Sep 25, 2019 3:39:20 PM
Risk Assessments, Security, Cybersecurity, Hacker, Risk, RSP, hacking, pen testing

Tribe of Hackers - Red Teams & More

Online is proud to feature a chapter from Tribe of Hackers, written by Marcus J. Carey and Jennifer Jin. Our very own security expert Jeff Man shared many insights and stories in chapter 25 of this highly acclaimed book.

Jeffrey Man is a respected information security expert, advisor, evangelist, and co-host of the security podcast Security Weekly. He has more than 35 years of experience in all aspects of computer, network, and information security. Jeffrey has held various information security roles within the DoD as well as private sector enterprises, is a former PCI QSA, and was part of the first penetration testing red team at the NSA.

Read More
By Jeff Man on Aug 29, 2019 5:50:02 PM
Security, Digital Transformation, Cybersecurity, AI, Online Business Systems, Digital Business transformation, Cloud Deployment, RSP

How to Avoid Risky Business

At Online Business Systems we have our feet in two different worlds – Digital Transformation and Cybersecurity. As you can guess, we get a lot of questions about how to plan for and incorporate a security strategy when designing and executing a digital transformation project (e.g. process automation, transforming to a paperless organization, incorporating AI, or a cloud migration.) I have read quite a few articles and blogs written on this topic recently and had a few thoughts of my own based on my experiences being on the front lines where we’ve seen security done well (and also, unfortunately, not so well.)

Read More
By Tony Fulda on Aug 1, 2019 1:19:37 PM
Cybersecurity, InfoSec, Security Consulting, Information Security, Threat

The Cybersecurity Marathon

We hear a lot about the pace of change and the increasingly sophisticated threats facing organizations today. You don’t have to look much further than the daily headlines to read about new ways of doing business, or the latest successful data breach. 

What’s becoming very clear is that Cybersecurity is not a sprint, but rather a marathon.
Each leg of the race presents new challenges and requires a commitment to diligence, risk management, and continuous program improvement. What we’ve done in the past is now proving to be insufficient and ineffective for the unpredictable terrain ahead. Different threat landscapes requires different solutions …and occasionally you need to stop, rest, and re-hydrate along the way.

Read More
By Steve Croucher on Jun 27, 2019 1:16:00 PM
Security, HPComputers, PrinterSecurity, ReinventSecurity, Cybersecurity, TechDay, #BugCrowd, #BugBounty, #TheFixer

HP Continues to Demonstrate its Commitment to Printer Security

In August 2018, Onliner Jeff Man attended the Black Hat Conference in Las Vegas, Nevada. While at Black Hat Jeff had the opportunity to connect with the team from HP and discuss the importance, and changing landscape of printer security.
 

In early 2017, HP invited a group of cybersecurity industry bloggers and podcasters to gather for an HP Print Security “Tech Day” at their headquarters in Palo Alto, CA. The purpose of the gathering was to introduce the group to HP’s printer security program (#reinventsecurity), foster discussion, and get feedback on the program. This event was the precursor to a major marketing campaign for HP to promote everything they’ve been doing in terms of making their printers more secure and also building printers with “cyber resilience”, meaning they have the capacity to detect malicious or accidental actions and even recover from the attacks. HP has worked diligently to improve the security of printers which in turn helps to create a more secure enterprise network.

Read More
By Jeff Man on Sep 20, 2018 3:57:53 PM