News and Information RSS Feed News and Information: cybersecurity
Understanding Enterprise RFP Requirements: Security – Access Control and Authentication
9/2/2022
Beyond basic username and password credentials, the RFP is likely to ask for one or more of several other authentication arrangements or methods, including methods that allow nuanced access and considerations that tie spend management or purchasing permissions to user authentication.
Understanding Enterprise RFP Requirements: Security – Payment Processing
8/9/2022
Payment card data not only poses the risk of identifying an individual, but also sensitive financial, transactional, and bank information that can be directly leveraged for fraud.
Understanding Enterprise RFP Requirements: Security – Sensitive Data and Consumer Privacy
6/22/2022
This installment of our RFPs & Rising Technology Demands series examines sensitive data and consumer privacy, including PII, cardholder data and consumer privacy laws that are often cited in RFPs seeking digital commerce.
Understanding Enterprise RFP Requirements: Security
6/3/2022
This installment in our RFPs and Rising Technology Demands series provides an overview of security requirements, terms, policies, procedures, standards, frameworks, and more often found in RFPs.
Critical Java SE “Psychic Signature” Vulnerability; Essent Products Unaffected
4/27/2022
A vulnerability in Oracle Java SE versions 15 through 18 that the Common Vulnerabilities and Exposures organization described as “easily exploitable” allows attackers to forge security certificates, digital signatures, two-factor authentication messages, and authorization credentials.
Magento Payment Card Skimming Vulnerability Requires Immediate Action
2/14/2022
All versions of Magento 1.x software and plugins are being actively exploited by cybercriminals to skim credit card numbers and personal information from site users.
Apache Log4j 2 Vulnerability: Essent and its Products and Services Unaffected
12/14/2021
You should bring this Support Notice to the attention of your Information Technology (IT) department or webmaster.
HTTPS or Bust: Google Continues Squeezing Out the Unencrypted Web
3/11/2020
Understanding the California Consumer Privacy Act (CCPA), aka ‘GDPR-Lite’
11/12/2019
Once it takes effect on Jan. 1, 2020, the CCPA will become the strictest consumer privacy protection law in the United States.
The Case for Complying With GDPR
5/21/2019
It’s the rising demand for consumer protections that needs your attention, if not necessarily the GDPR itself.
Latest Google Chrome Browser Makes HTTPS the Expectation
7/30/2018
Payment Card Tokenization: Reducing Risk and Responsibility of PCI Compliance
3/28/2018
With Tokenization, even if a credit card thief wanted to get into your system, and did get into your system, there would be nothing to take but the worthless tokens.
FAQ: PCI Mandate to Retire TLS 1.0, SSL
9/4/2017
The Payment Card Industry (PCI) Security Standards Council is strengthening its encryption standards to discontinue use of Transport Layer Security (TLS) 1.0 and Secure Socket Layers (SSL) in secure credit card transactions.
October is Cyber Security Awareness Month
10/7/2015
October is National Cyber Security Awareness Month as designated by the U.S. Department of Homeland Security. But, as a practical matter, every month should be Cyber Security Awareness Month.
Essent and its Products and Services Unaffected by VENOM Vulnerability
5/15/2015
A critical security vulnerability known as Virtualized Environment Neglected Operations Manipulation (VENOM) allows attackers to access virtual machines.