Risk Assessments, Security, PCI, PCI Community, Assessment, PCIDSS, COVID19, Remote Work

Remote PCI Assessments: We're Adapting With You

Recent events have changed the world we typically wake up to, and it is continuing to change. The ways we interact, the ways we seek necessities, and the ways we conduct business, have all shifted in a very short period of time. 

For many retailers, business is continuing and even trending upwards as consumers shift their shopping habits to online. What doesn't seem likely to change however, is the responsibility that retailers have to protect the consumers' personal information.

Read More
By Sherri Collis on Mar 24, 2020 1:12:05 PM
Risk Assessments, Security, CIO, Cybersecurity, Security Consulting, Healthcare, CISO, HIPAA, Infosecurity, Health Information Security, Threat-Based Risk

When to get a Threat-Based Risk Assessment

Healthcare CISOs and CIOs continue to struggle to get the resources they require to address increasing threats in the digital environment and too often they are presented with risk analysis reports that simply contain a laundry-list of security control failures.

Read More
By Security Consulting Team on Feb 20, 2020 11:32:31 AM
Security, NetworkSecurity, PCI, Cybersecurity, Information Security, compliance, PCIDSS4.0, PCI Community, Payment Card Industry, cardholder data, sensitive authentication data, CHD, SAD, Natural Language Processing Solutions, NLP

Highlights From The PCI Dream Team Session 8

As technology continues to advance, it's critical for the security community to respond to the evolving risk for consumer data.

On Tuesday, January 14, I had the opportunity to once again sit the PCI Dream Team’s eighth online session. During this session, we responded to questions from our participants which covered a broad range of concerns.

Read More
By Jeff Hall on Jan 23, 2020 11:07:14 AM
Risk Assessments, Security, Digital Experience, Digital Transformation, GDPR, Privacy, Business Consulting, Customer Experience, Artificial Intelligence, Agile Coaching, iterative, scrum, scrum master, scrum team, product owner, CEO, Technology Trends, Retrospective

Online's Top 10 Blogs of 2019

Is it this time of year already?! The time of year when the days literally fly off the calendar. When we sit back and consider all that transpired. The many projects, trends, buzzwords, predictions, challenges, and success stories that shaped our year.

It's also the time when we round up some of our favorite blogs that we published in 2019.  While it’s hard for us to pick our Top 10, we did our best. We hope you like the list our team put together.

Read More
By Marketing Team Elves on Dec 18, 2019 10:39:38 AM
Security, Cybersecurity, Security Consulting, Information Security, Digital Business transformation, RSP

Baking Cybersecurity into Your Digital Transformation

You have to transform. Competition is fierce. Business is changing. Customers expectations are increasing. Technology is advancing and making things we only dreamed about 5 years ago a reality.

Can you truly embrace digital transformation while maintaining the security posture of your organization?  You can. 

But you have to start with the right ingredients.

Read More
By Steve Levinson on Oct 2, 2019 2:01:03 PM
Security, PCI, Cybersecurity, InfoSec, DSS, PCIDSS4.0, PCI Community

Notes from the 2019 PCI Community Meeting

The Online Team and I had a great time at the PCI Community meeting last week, set in the spectacular environs of Vancouver BC. We ate and drank, pontificated, watched ferries and seaplanes come into the harbor (my inner 8-year old self couldn’t resist and I booked a flight out on one), and had a generally spectacular time networking with old and new friends in the payment security space.  While there were far too many interesting presentations and conversations to put into one place, I had a few takeaways that I felt were worth sharing. In no particular order:

Read More
By Tony Fulda on Sep 25, 2019 3:39:20 PM
Risk Assessments, Security, Cybersecurity, Hacker, Risk, RSP, hacking, pen testing

Tribe of Hackers - Red Teams & More

Online is proud to feature a chapter from Tribe of Hackers, written by Marcus J. Carey and Jennifer Jin. Our very own security expert Jeff Man shared many insights and stories in chapter 25 of this highly acclaimed book.

Jeffrey Man is a respected information security expert, advisor, evangelist, and co-host of the security podcast Security Weekly. He has more than 35 years of experience in all aspects of computer, network, and information security. Jeffrey has held various information security roles within the DoD as well as private sector enterprises, is a former PCI QSA, and was part of the first penetration testing red team at the NSA.

Read More
By Jeff Man on Aug 29, 2019 5:50:02 PM
Security, Digital Transformation, Cybersecurity, AI, Online Business Systems, Digital Business transformation, Cloud Deployment, RSP

How to Avoid Risky Business

At Online Business Systems we have our feet in two different worlds – Digital Transformation and Cybersecurity. As you can guess, we get a lot of questions about how to plan for and incorporate a security strategy when designing and executing a digital transformation project (e.g. process automation, transforming to a paperless organization, incorporating AI, or a cloud migration.) I have read quite a few articles and blogs written on this topic recently and had a few thoughts of my own based on my experiences being on the front lines where we’ve seen security done well (and also, unfortunately, not so well.)

Read More
By Tony Fulda on Aug 1, 2019 1:19:37 PM