Hi, what are you looking for?
Retailers are preparing to navigate a new standard: the Payment Card Industry Data Security Standard (PCI DSS) 4.0.
How will the cybersecurity threat landscape will continue to become more sophisticated throughout 2023. To understand what likely to come for cybersecurity in the year ahead, Digital Journal contacted Terry Olaes, Senior Technical Director at Skybox Security.
Olaes predicts that, within the U.S., cybersecurity directives from the federal government will lead to a rise in threat actor activity against federal agencies. In particular, the threat of spear phishing will be further complicated by the rise of fake LinkedIn profiles. Spear phishing is a phishing method that targets specific individuals or groups within an organization.
It is also likely that threat actors will leverage novel programming languages to become untraceable. As to the main area of attack, it appears that a growing target will be the retail industry as organizations gear up for the Payment Card Industry Data Security Standard (PCI DSS 4.0). This standard is intended to optimize the security of credit, debit and cash card transactions and protect cardholders against misuse of their personal information.
Terry Olaes, Senior Technical Director at Skybox Security
A growing target on the retail industry as organizations gear up for PCI DSS 4.0
Olaes sees the advent of this new regulation as both an opportunity to strengthen security and a vulnerability: “Much like changing regulations for government agencies, retailers are preparing to navigate a new standard: the Payment Card Industry Data Security Standard (PCI DSS) 4.0. Effective in 2024, this new standard will impact all organizations that store, transmit or process cardholder data and sensitive authentication data. The new standard allows organizations to customize their approach to proving compliance with each PCI DSS security requirement.”
While the standard looks good, it hides some issues as Olaes notes: “If organizations take this direction, there are growing opportunities for threat actors to exploit retailers who may have taken non-standard routes to achieve compliance. Additionally, the long lead time to implement these regulations gives attackers more opportunity to use those requirements as a blueprint to breach retailers before they have time to implement changes to their cybersecurity strategy.”
Threat actors will leverage novel programming languages to become untraceable.
The second issues that Olaes calls out is in relation to more sophisticated coding on the part of malicious actors. Here Olaes finds: “Instead of using common programming languages like Python, threat actors will begin leveraging languages like Rust that cybersecurity tools aren’t designed to catch, causing attacks to go undetected. Some organizations today continue to neglect to implement cybersecurity basics that detect and prevent basic attacks, let alone attacks built on uncommon languages.”
Dr. Tim Sandle is Digital Journal’s Editor-at-Large for science news. Tim specializes in science, technology, environmental, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.
GOP Gov. Asa Hutchinson said former President Donald Trump’s meeting with a white nationalist last week was not “accidental.”
Technologies that can save money and increase efficiency will continue to be appealing to corporations that are facing budget reductions.
The Ark of the World, founded by a charismatic priest, has worked with underprivileged children for at least two decades – Copyright AFP Louisa…
Across the U.S., the highest numbers of freelancers are found in the Southern and Western regions.
COPYRIGHT © 1998 – 2022 DIGITAL JOURNAL INC. Sitemaps: XML / News . Digital Journal is not responsible for the content of external sites. Read more about our external linking.
Novel programming leads 2023's most dangerous cybersecurity threats – Digital Journal
Hi, what are you looking for?