Have you been hearing these terms thrown around by your IT or Compliance teams, but aren’t quite sure what they are talking about? This post aims to clarify the two types of testing, and provide some basic information to help identify which test is right for you.
ATM Jackpotting is Just a Symptom
This was originally posted as an INSIGHT for Wolf & Company, P.C. here. ATM Jackpotting attacks have been making the rounds through the news cycles, but much of the commentary has been missing the point: these attacks are merely a symptom of a bigger issue surrounding ATM management. Many of the controls organizations are implementing on … Continue reading ATM Jackpotting is Just a Symptom
Active Directory Passwords – Who is Right?
This was originally posted as an INSIGHT for Wolf & Company, P.C. here. Background Cybersecurity breaches are making the news on what seems like a weekly basis. Many of these incidents involve unauthorized access to systems and data as a result of compromised user credentials. These credentials are compromised through improper storage, weak password criteria, and … Continue reading Active Directory Passwords – Who is Right?
DerbyCon 7.0 Legacy Roundup
This was originally posted as an INSIGHT for Wolf & Company, P.C. here. What is DerbyCon? In recent Banking Technology Connections articles such as How Safe is Your Active Directory?, our Information Technology (IT) Assurance department discussed key takeaways from this year’s DEF CON, which is one of the largest hacker conventions in the world. DEF CON … Continue reading DerbyCon 7.0 Legacy Roundup
What to look for in a QSA
This was originally posted as an INSIGHT for Wolf & Company, P.C. here. If your organization is new to PCI compliance, you are probably wondering how you should choose which QSA to work with. This decision is not one to take lightly, as there are nearly four hundred QSA Companies (QSAC), with an estimated one thousand … Continue reading What to look for in a QSA