So, after a long journey, we’ve arrived at the twelfth and final requirement for PCI DSS 4.0. Last but certainly not least, this requirement emphasizes the need for creating, documenting, and implementing organization-wide security and compliance policies.
The recent uncovering of the Log4Shell bug, tied to the ubiquitous log4j module, has swept through private and public organizations reliant on IT logging technology. A relatively simple bug, the implications of its widespread use means that remediation will be a long, complex endeavor. While the potential millions of implementations wait for updates, however, the complex infrastructure of national IT is vulnerable to attack.
Read more about this bug and its potential threat to organizations across the world.
When large tech companies talk about cybersecurity, compliance and risk management, it usually sounds like something for the big players. That is, large enterprise operations or businesses that would be the target of major attacks. The truth is, however, that our data-driven economy levels the playing field in many ways. One of these ways, unfortunately, is by making small businesses just as vulnerably to cyber attacks as their larger counterparts.
According to IBM, 2021 saw the highest average costs for breaches. On average, data breaches costs businesses in the United States up to $4.24M. While that doesn’t mean that your breach could cost you that much, it’s important to know that, no matter the size of your business, you need to take cybersecurity seriously.