Data privacy and protection (DPP) laws aren’t entirely new to the security and compliance landscape, but the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) are prompting many organizations to take a more formal approach to DPP.
This blog explains how to do a quick risk assessment on an app in the app store or one that you’ve downloaded on your phone to determine if an app is secure.
Businesses must ensure their key servers, certificate authorities, open SSL libraries, and server updates are secure.
Phishing Email Scams remain one of the top threats to companies.
To help you focus your cybersecurity efforts, we've compiled our top 5 blogs to help you prepare for 2022.
How to prepare for cybersecurity in 2021. We outline the top five blogs to help you train employees, understand the threat landscape, avoid malware, and support compliance efforts as you head into 2021.
What area of your business would benefit the most from a penetration test?
Increasing Satisfaction in PCI DSS Programs for Acquirers and ISOs: Learn why PCI DSS programs are beneficial to businesses and how to manage expectations around PCI programs.
From COVID-related challenges to firewall configuration to e-commerce web skimming, SecurityMetrics Cybersecurity Conference and Summit 2020 provided cybersecurity content and sessions for everyone in the data security and compliance industry.
New cybersecurity threats were popping up rapidly going into 2020. We analyzed the trends and made predictions for the rest of the year
Patient data is in jeopardy when mobile devices aren't secure.
Jen Stone is a Principal Security Analyst for SecurityMetrics. In her 4 years at SecurityMetrics, she has completed over 100 security assessments that include PCI, HIPAA, CIC CSC (SANS Top 20) and 23 NYCRR 500.
With the upheaval and uncertainty many are experiencing around the world during the COVID-19 pandemic, we are more committed than ever to our mission.
MITREid Connect Cross-site Scripting Vulnerability: CVE-2020-5497 Here's the situation: I was performing a penetration test that integrated with MITREid Connect for authorization.
Matt Halbleib holds QSA (Qualified Security Assessor), PA-QSA (Payment Application Qualified Security Assessor), and CISSP (Certified Information Systems Security Professional) security certifications and as a qualified assessor for the Payment Card Industry, has completed over 100 PCI DSS, PA-DSS and P2PE security assessments.
Hopefully this incident helps both healthcare to remember the fragility of patient data protection.
Health organizations have been hit hard—the healthcare industry experienced 23.7% of total data breaches.
PCI for SMBs: as an SMB owner, your business size and card processing environment will ultimately determine which SAQ you need to follow.
The Payment Card Industry Security Standards Council (PCI SSC) recently announced the release of the PCI DSS 3.2.1.
On October 16, 2017, the WPA2 Security Flaw “KRACK” vulnerability was made public.
Phishing remains one of the most effective methods for hackers to breach organizations.
.svg)
