A couple weeks ago, I put my kids to bed, kissed my wife, jumped in the car and sped off (at least until I hit ALL the frigging construction) for a few uninterrupted nights in my native Chicagoland. I was excited! Besides getting a chance for some decent sleep and not having to speed eat my dinners, (I have a 9-month-old and a 3-year-old, and while I love my kids, I won’t deny the added bonuses of this trip) the true purpose was to attend the Trustwave Partner Advisory Conference.

Wind River Financial and Trustwave have been partners for many years, and this event served to update us on new focus areas that I wanted to share with you. Now, I’ll admit, it wasn’t all work and no play. There were a few adult beverages, an Escape Room experience, a Blackhawks game and even yours truly being singled out by the FBI (and not in a good way). Details follow below.

But sprinkled throughout all of that was a great event. The folks at Trustwave have an impressive office, were extremely friendly and were very knowledgeable, gracious hosts (my only complaint being they stocked the fridge with La Croix instead of my beloved Klarbrunn). Alas, not everything can be perfect, but let me update you on two items that may be of actual interest.

Data Security Essentials

We had some great discussions about Data Security Essentials (DSE), a new small merchant program that could be leveraged for PCI compliance in the future. Personally, I’m thrilled. The most common complaints I hear is that PCI is just too complex and too technical and that the SAQ is not helpful in answering questions.

Essentially, DSE would allow for a scoring mechanism as well as simplification of the SAQ questions. As more small businesses accept credit cards, this means better guidance when looking at the security posture surrounding payment acceptance. There is more to be worked out, but I will definitely keep you up-to-date as we hear more from the major card brands about the acceptance of DSE. Stay tuned!

FBI Cybersecurity Threat Landscape

It was great to hear from the FBI about what they’re seeing reported. Now, I did try and get a picture of the slide where the FBI talked about their website to report cybersecurity issues. Unfortunately, I was “kindly” asked to not take photos, but I still wanted to share that resource.

We have all heard about the dangers of ransomware and malware attacks, but the fact that business email compromise (BEC) costs $12 billion annually globally took my breath away. Besides that, there were some other great prevention tips I wanted to share.

  • Implement a patch management process
  • Implement Two Factor Authentication (2FA)
  • Separate admin accounts between an administrator and a daily user account
  • Use different admin passwords
  • Application whitelisting
  • Make regular backups

Lastly, as the holiday season approaches and I come up on six months at Wind River, I wanted to take a quick second to thank you for your loyalty, feedback and business. Without your support, my editors would literally be pulling the plug. So, thank you! In my short time, I have had lots of great conversations with you and will continue to find ways to improve security and compliance within our products at Wind River. The Advanced Security Package was a stepping stone for Wind River to help increase compliance, simplify SAQs and help businesses become #SecurityFirst. Much more to come in 2019! Happy Thanksgiving from all of us at Wind River Financial.