Our Thinking

Recent events have changed the world we typically wake up to, and it is continuing to change. The ways we interact, the ways we seek necessities, and the ways we conduct business, have all shifted in a very short period of time. 

For many retailers, business is continuing and even trending upwards as consumers shift their shopping habits to online. What doesn't seem likely to change however, is the responsibility that retailers have to protect the consumers' personal information.

A HIMSS Conference can be overwhelming.

If you haven’t been before, picture a small city’s population encased in a massive building, all trying to either get the most out of the event, or be heard above the noise of every other vendor, speaker, or influencer.

Healthcare CISOs and CIOs continue to struggle to get the resources they require to address increasing threats in the digital environment and too often they are presented with risk analysis reports that simply contain a laundry-list of security control failures.

As technology continues to advance, it's critical for the security community to respond to the evolving risk for consumer data.

On Tuesday, January 14, I had the opportunity to once again sit the PCI Dream Team’s eighth online session. During this session, we responded to questions from our participants which covered a broad range of concerns.

Is it this time of year already?! The time of year when the days literally fly off the calendar. When we sit back and consider all that transpired. The many projects, trends, buzzwords, predictions, challenges, and success stories that shaped our year.

It's also the time when we round up some of our favorite blogs that we published in 2019.  While it’s hard for us to pick our Top 10, we did our best. We hope you like the list our team put together.

You have to transform. Competition is fierce. Business is changing. Customers expectations are increasing. Technology is advancing and making things we only dreamed about 5 years ago a reality.

Can you truly embrace digital transformation while maintaining the security posture of your organization?  You can. 

But you have to start with the right ingredients.

The Online Team and I had a great time at the PCI Community meeting last week, set in the spectacular environs of Vancouver BC. We ate and drank, pontificated, watched ferries and seaplanes come into the harbor (my inner 8-year old self couldn’t resist and I booked a flight out on one), and had a generally spectacular time networking with old and new friends in the payment security space.  While there were far too many interesting presentations and conversations to put into one place, I had a few takeaways that I felt were worth sharing. In no particular order:

Online is proud to feature a chapter from Tribe of Hackers, written by Marcus J. Carey and Jennifer Jin. Our very own security expert Jeff Man shared many insights and stories in chapter 25 of this highly acclaimed book.

Jeffrey Man is a respected information security expert, advisor, evangelist, and co-host of the security podcast Security Weekly. He has more than 35 years of experience in all aspects of computer, network, and information security. Jeffrey has held various information security roles within the DoD as well as private sector enterprises, is a former PCI QSA, and was part of the first penetration testing red team at the NSA.

You’ve. Been. Hacked.

Three words that no business owner wants to read while opening their daily email, yet it happens more and more every year.

At Online Business Systems we have our feet in two different worlds – Digital Transformation and Cybersecurity. As you can guess, we get a lot of questions about how to plan for and incorporate a security strategy when designing and executing a digital transformation project (e.g. process automation, transforming to a paperless organization, incorporating AI, or a cloud migration.) I have read quite a few articles and blogs written on this topic recently and had a few thoughts of my own based on my experiences being on the front lines where we’ve seen security done well (and also, unfortunately, not so well.)