Receive articles and resources from the information risk management experts at FoxPointe.
PCI Standard v4.0 In March 2022, the Payment Card Industry Security Standard Council (PCI SSC) released its initial draft v4.0 of the standard. Based on the initial draft release, the following critical changes are assumed to be incorporated into the new version of the PCI standard: For merchants, sensitive authentication...
The ever-growing threat landscape and wide accessibility to the internet around the globe have made it easy for malicious actors to launch cyber-attacks and exploit vulnerabilities within an organization. Big or small, organizations that possess data can be at risk to cyber criminals who want to gain access to their...
This article was written by Andrew Parks & James Merritt. Apache Log4j Apache Log4j is an open-source library that is utilized by applications to facilitate logging requests. On December 9th, 2021 a vulnerability was reported (CVE-2021-44228 from the National Vulnerability Database) that impacts applications leveraging Apache Log4j versions 2.14.1 and...
Risk Management Guidance On July 13, 2021, the Board of Governors of the Federal Reserve System (Federal Reserve), the Federal Deposit Insurance Corporation (FDIC), and the Office of the Comptroller of the Currency (OCC, and together with the Federal Reserve and the FDIC, the Agencies), requested comments on proposed interagency...
Fraud Prevention All fraud begins with a line of thinking that follow three major factors: Opportunity, Rationalization, and Pressures. Rationalization is the excuse an individual uses to provide comfort or assurance that they need to commit fraud. An example of this could be: “I’ll put the money back, I just...
FedLine Security and Resiliency Assurance Program In October 2020, the Federal Reserve Banks (FRB) posted an announcement to their website titled “Announcing the FedLine Solutions Security and Resiliency Assurance Program”. The FRB’s FedLine Solutions are a critical component of the U.S. payment system. FedLine is a suite of payment solutions...
Information Security Complacency My career has taken me through a winding road of many areas including finance, manufacturing, education, and, today, information security. My career has included 24 years in the manufacturing world, where I managed many risks including employee theft (check kiting and manipulation) and mail fraud (vendor checks...