SIEM solutions for incident management

SIEM solutions for incident management – Use cases. This article examines practical use cases: how we’ve used SIEM solutions for incident management. It demonstrates how SIEM strengthens security operations and prevents costly incidents. Security Information and Event Management (SIEM) solutions are often seen as complex and expensive. However, their true value lies in mitigating financial, […]

The human factor: How to undermine your PCI DSS compliance

How to undermine your PCI DSS compliance efforts. When it comes to PCI DSS compliance, most organisations focus on technical controls, such as firewalls, encryption, and monitoring tools, to secure cardholder data. However, even the most advanced technical safeguards can be rendered useless if employees mishandle cardholder data due to a lack of training. Newer […]

Is your candidate real? North Korea scams

In May 2024, the U.S. Department of Justice unsealed charges against individuals involved in schemes where overseas IT workers, some linked to North Korea, posed as U.S. citizens to secure remote employment with over 300 American companies. These workers utilized stolen or borrowed identities to gain employment with […]

Using the NIST Cyber Security Framework (CSF) v2

In this post, we’ll talk about using the NIST CSF v2, and show you that managing cyber security risk need not be like trying to juggle flaming chainsaws while riding a unicycle under the big top! We’ll explain how you can use the NIST CSF 2.0 to […]

Law Firms And Cyber Tech

Cyber security and law firms: Don’t just do it! The shiny allure of technology is so enticing, and the sales-siren’s call, “Just buy this thing and all your pain will go away”, is almost irresistible. But for law firms, cyber security is rarely a problem that can be solved with technology alone. Legal practices handle […]

A long life with ISO 27001!

Happiness and a long life with 27001. We don’t just talk the ISO talk, we’ve walked the compliance walk and we’re ISO 27001-certified, so we know what it takes to implement and maintain a compliant ISMS. Our 27001 lead implementers and assessors have a wide range of certifications including PCI DSS QSA, ISO 27001, CISA, […]

TPSP AOCs save you money!

A TPSP will save you money! Protecting sensitive information has become a vital aspect of running any business, and one area that requires a high level of vigilance is payment security, especially for businesses that handle credit card (also known as cardholder) data. These businesses must adhere to the Payment Card Industry Data Security Standard […]

DotSec’s AOC saves you money!

Payment card information remains one of the most targeted forms of data. For Australian organisations that store, process or transmit cardholder data, PCI DSS compliance is essential — not simply as an annual requirement, but as a way to reduce risk and improve the security of systems that support payment […]

Hey nice business!

Hey, nice business! Lack of awareness has led some organisations to believe that ransomware and extortion attacks are uncommon. This in turn can lead to a perception that the level of business risk does not warrant expenditure on improving cybersecurity maturity. Consequently many organisations are poorly protected and open to compromise, and are unable to […]

Cyber insurance: A risky business

Cyber insurance. A risky business! As the frequency of cyber attacks increases and incident recovery becomes more expensive, it is important for businesses to have cyber insurance to reduce the potential losses associated with such events. In fact, such coverage is something we expect will become mandatory for all kinds of contracts and agreements in […]