Here is another short read for you (sorry). For those who read this blog on a regular basis, you know that we talk about supply chain risk a lot. Formally, the government calls it Cybersecurity Supply Chain Risk Management or C-SCRM. Supply chain attacks are very popular because if you pull one off (think SolarWinds), […]
Continue reading → [DISPLAY_ACURAX_ICONS]As we watch hackers compromise systems of both large and small companies in every country every day, it kind of points out the obvious – whatever security program companies that develop software have in place are not adequate to the threat. Up until now, software companies have not suffered because their license agreements say that […]
Continue reading → [DISPLAY_ACURAX_ICONS]First – what are dark patterns? Here is a definition from Wired: The term “dark patterns” was first coined by UX specialist Harry Brignull to describe the ways in which software can subtly trick users into doing things they didn’t mean to do, or discouraging behavior that’s bad for the company. When you want to […]
Continue reading → [DISPLAY_ACURAX_ICONS]The Office of the Comptroller of the Currency or OCC regulates federally chartered banks. Digital banks, AKA crypto vunder-kids, would like to get a bank charter for a number of reasons. One reason is that they want access to the international banking network. Another is to show that they are all grown up. But if […]
Continue reading → [DISPLAY_ACURAX_ICONS]Cyber Command Says Chip Shortage is a National Security Issue The head of U.S. Cyber Command, General Paul Nakasone, told Congress that China’s continued progress towards domestic chip production is a problem. If China achieves chip independence, that puts them in a position to do what they want and not worry about sanctions. For example, […]
Continue reading → [DISPLAY_ACURAX_ICONS]The Payment Card Industry (PCI) council is an industry group that includes the large credit card issuers and they have, for years, owned a standard called the PCI Data Security Standard or PCI DSS. While complying with it is not a law (except in a couple of states), complying with it is a contractual requirement […]
Continue reading → [DISPLAY_ACURAX_ICONS]