Security News

Here at MegaplanIT, we detest check-box compliance audits. Going through the motions just to satisfy security regulations and standards (like PCI and HIPAA) does not mitigate the risks of attack. Sure, you may satisfy the auditors, but at the end of the day nobody wins without rigorous security assessments. Is your company being proactive about network security, or are you falling for the check-box compliance trap?
If you're like most IT security officers or business owners, you are striving to avoid any "hiccups" with this year's information security and/or compliance assessment. MegaplanIT's team of QSAs and auditors always recommend that continuous monitoring is key to successful risk management, but there are a few other checklist items that, if implemented throughout the year, may just reduce the level of effort required by your auditor - which should save you time and money!
If your organization is planning on achieving PCI compliance for the first time, you are probably overwhelmed with the amount of information presented to you. Rest assured, it can be a daunting task for even the biggest companies. Understanding this, MegaplanIT offers free Trusted Advisory for anyone considering PCI compliance - whether you are our client or not. We want to see your project succeed, period. Previously, we've offered 10 Ways to Reduce PCI Compliance Costs.
A hacker going by the alias "Masakaki" has claimed credit for breaching ITWallStreet.com, a leading recruiting agency for Wall Street financial firms. The criminal, who belongs to a hacker group called TeamGhostShell, made off with 3,000 resumes from around 50,000 compromised accounts. Masakaki indicated that he would trade the resumes on the black market, but there were also hints of "hacktivism" as Masakaki pointed to the Occupy Wall St movement as inspiration and/or motivation.
Israel claims that since the outbreak of violence in the Gaza Strip, 44 million cyber attacks have been launched against various Israeli government websites. Although the attackers have only been able to knock a few sites offline, the sheer volume of attempted incursions indicates that the element of cyber war will part of our real wars from here on out.