According to federal prosecutors with the U.S. Navy, veteran Johnathan Toebbe, alongside his wife Diana Toebbe, attempted to sell sensitive information regarding Virginia-class submarines. This wouldn’t be the first time an insider threat led to a potential leak of crucial military information, but the fact that it has happened in 2021 indicates that even in 2021, mitigating insider threats is still a vital issue. 

This news should be abundantly clear that insider threats are still a significant problem in modern cybersecurity. Here we’ll discuss what insider threats are and what you can do to reduce or mitigate the dangers of these threats for your organization. 

Read More

Penetration testing is an increasingly common part of cybersecurity and compliance regulations. The truth is that in many cases, the best way to get to the root of IT vulnerabilities in a system is to expose them to controlled but realistic attack scenarios that probe every interaction and connection in that system. In many cases, organizations will take penetration one step further and use what has been called red team testing. 

Here we’ll discuss the difference between typical pen testing and red team exercises, how red team testing can help you better understand your security risks, and why that’s important for your organization’s compliance efforts. 

Read More

If you work in retail or payment processing, you may already know about PCI DSS. However, you may not know of the details about compliance and transaction processing. For example, did you know that the size of your business and the number of transactions you process actually change how you comply with PCI DSS?

Here, we’ll break down the merchant levels in place to address this difference and how it could impact you as an organization facing PCI DSS requirements.

Read More