2|SEC Cyber Security Blog

The Cyber Sentinel

Stay on top of the latest news and updates to stay ahead of the latest threats

The Bit9 incident

We see in the news another example of cyber criminals successfully stealing a private certificate and using it to their nefarious advantage. In this instance, cyber criminals allegedly exploited perimeter defences and web application security to gain access to one of Bit9’s private certificates – https://blog.bit9.com/2013/02/08/bit9-and-our-customers-security/. A private certificate is used to sign an encryption key, […]

The Bit9 incident Read More »

PCI DSS governance

PCI DSS 12.5 “Assign to an individual or team the following information  security management responsibilities” is not just about putting somebody’s name down to pass an audit and us QSAs are clamping down hard on those whom pay governance lip service, then forget about it for a year until the next audit is due. Even in smaller

PCI DSS governance Read More »

Scroll to Top