Insights

Photo courtesy of PCI PCI Security Standards Council published PCI DSS Version 3.2.1 with minor revision to the PCI Data Security Standard (PCI DSS), which businesses around the world use to safeguard payment card data before, during and after a purchase is made. PCI certification ensures the security of card data at your business through a set of requirements established by PCI. These include a number of commonly known best practices, such as: Installation of firewalls Removing default credentials Performing routine security assessments Encryption of data transmissions Use of anti-virus software The changes are defined as: MFA is now required for all non-console administrative access; an addition of one-time passwords as an alternative potential control for this scenario. After 30 June 2018, all entities must have stopped use of SSL/early TLS as a security control, and use only secure versions of the protocol. POS terminals  may continue using these as…

Critical Path Security is excited to announce that it is participating in the Third Annual Internet of Things Startup Showcase in Atlanta, Georgia!  Stop by our table and learn about how we are applying Network-Based Packet Analysis and Intrusion Detection to protect the growing introduction of IoT devices in our everyday lives! Schedule: 12:00 pm to 5:00 pm - Atlanta Tech Park will host open house session for IOT members to learn about the ATP facility and its services to its members. Lunch will be provided who those who register for this session. 5:00 pm - TechConnectHub will host a Session on Collaboration between Startups and Corporate Teams. www.TechConnecthub.com 6:00 pm - Showcase will include tables for demonstrating IOT solutions for startups, hobbyists, Innovation Teams and Companies. 6:00 pm - Seminar for Startups and Sponsors to pitch their IOT Solutions (details will be forthcoming) 8:00 pm - Wrapup Location: Atlanta Tech…

Today, we can all finally breathe a little easier as Georgia Governor Nathan Deal vetoed the cybersecurity legislation known as SB 315. Facing mounting pressure from technology firms and researchers, the Governor said there were “concerns regarding national security implications and other potential ramifications” that lead him to veto the bill. "It is my hope that legislators will work with the cybersecurity and law enforcement communities moving forward to develop a comprehensive policy that promotes national security, protects online information, and continues to advance Georgia’s position as a leader in the technology industry." - Deal Georgia Senate Bill 315 would have changed state law defining computer crimes simply as “unauthorized computer access” with a provision to exempt individuals engaged in “active defense measures designed to prevent or detect unauthorized computer access.” The lack of detail in the bill was concerning to many in the cybersecurity field as the exemption could…

Have you got your ticket for BSides ATL yet? If not, hurry before they sell out and come join us at the Kennesaw State University Center this Saturday, May 5th for this great event! Critical Path Security is proud to be an official sponsor of this event for and by information security community members. BSides creates opportunities for individuals to participate in an intimate atmosphere that encourages collaboration with discussions, demos, and interaction from participants. This year's theme is "Standing on the Shoulders of Giants" and will focus on how the success of our predecessors fuels future innovations. Swing by the Critical Path Security booth anytime to check out some cool tech demos, have a conversation about security, or pick up a limited edition gun-wielding-unicorn t-shirt we had made specifically for BSides ATL 2018. Donations to the Electronic Frontier Foundation are appreciated. If you can't find the time to catch…