Finding the right security service to assess your organisation is a critical aspect of any security program. Each security service has its benefits and fits a specific purpose, and it is therefore important to understand the differences between these services to...
The recent PCI DSS v4.0 has some important changes for eCommerce merchants that use a redirect or iframe to reduce scope to Self-Assessment Questionnaire A (SAQ A). Even though the merchant’s website that meets the criteria for SAQ A does not transmit account data,...
Author: Mike Manzotti – Principal Consultant at Dionach. Changes in the threat landscape combined with the needs of the modern enterprise often come with the requirement for IT staff to be able to respond to cyber security incidents 24/7. These changes have...
This is the second of two parts of our publication, looking at the new section 8 controls of the ISO 27002:2022 update. Please refer to part one for section 5 and section 7 controls. In part two of our post, we will cover: Configuration Management (8.9), Data Masking...
Part 1 of 2. Authors: Shannon-Louise Huxley – GRC Consultant, Steve Rowe – GRC Consultant. The release of the ISO 27002:2022 update brings a restructure of the standard and several new controls. This post aims to provide a breakdown of these new elements and how best...