Introduction to Targeted Risk Analysis (TRA) in PCI DSS 4.0


The Payment Card Industry Security Standards Council (PCI SSC) recently released a new guidance document on targeted risk analysis. This approach to security is a cornerstone of the PCI DSS 4.0 update, and yet, for many businesses, it is something new that they may need help understanding.

This article will discuss Targeted Risk Analysis, its role in PCI DSS 4.0, and how your organization can consider implementing these measures as part of its compliance efforts.

 


What Is OCTAVE and OCTAVE Allegro?


The importance of risk management cannot be overstated… and yet, many enterprises struggle with the practice due to a lack of standardization or expertise. And while the challenges that businesses face implementing risk management are understandable, they are no longer acceptable. 

This article will provide an in-depth overview of OCTAVE Allegro, a framework developed to help small and mid-sized businesses effectively approach risk management. Whether you are an IT professional, security analyst, or business owner, understanding the capabilities of OCTAVE Allegro can help you better protect your organization from cyber threats.

 


What Is the Information Security Risk Management Process of ISO 27005?


Businesses undergoing ISO certification are probably aware of the 27000 series and its focus on comprehensive cybersecurity. What many organizations don’t know, however, is that the series itself provides guidelines for risk managers to better implement Information Security Management Systems (the core process of ISO 27001) following best risk management practices. 

 
