Segmentation is important for preventing breaches and hacks, as well as a method to reduce PCI scope.
We are strongly encouraging all SecurityMetrics clients that use Kaseya VSA software in their environment to follow the recommended guidance provided by CISA and the FBI provided below.
The HIPAA Privacy Rule is crucial for protecting PHI and ensuring patient privacy. Learn about HIPAA PHI compliance with our free guide.
Formjacking is a type of cyber attack where hackers inject malicious JavaScript code into a webpage form–most often a payment page form.
Here’s what to do when you get hacked, step-by-step.
Learn what’s required to fill out SAQ A.
Creating an incident response plan can seem overwhelming. To simplify the process, develop your incident response plan in smaller, more manageable procedures.
Learn how to effectively respond to security breaches and prevent future attacks.
Learn how PCI compliance in the cloud affects your organization. "The cloud" brings up an idea of something mysterious and far away, but in reality, “the cloud” is a third-party-managed physical server.
Healthcare providers are responsible to make sure those with access to ePHI require that access to adequately do their jobs.
Making a risk Assessment, or Risk Analysis, is the first step in the Security Rule compliance.
What are firewalls and how do they help protect your business?
Many businesses don’t often realize how physical security can help protect their card data.
If you were to ask network architects and engineers about their favorite part of the job, I doubt any of them will respond with “creating and maintaining network diagrams.”
PCI 4.0 summary of changes including new requirements that have been added to the standard.
Scoping is determining what systems are covered or need to be assessed or included as part of your PCI compliance.
Cardholder data and card systems should only be accessible to those that need that information to do their jobs. Once you’ve implemented access privileges, make sure to document it.
How to test your incident response plan and conduct tabletop exercises.
System administrators have the responsibility to ensure that all system components (e.g., servers, firewalls, routers, workstations) and software are updated with critical security patches within 30 days of public release.
In the face of current cybersecurity challenges, PCI DSS compliance is more important for merchants than ever.
A remote code execution (RCE) vulnerability, CVE-2019-10719, was discovered in BlogEngine 3.3.7 and earlier.
To address some of the most common questions we receive about PCI assessments, we sat down with Lee Pierce, a PCI assessment expert with over 15 years in the industry.
It’s critical that you configure the log monitoring solution correctly so that the appropriate directories, files, security controls, and events are being monitored.
If your organization is required to be PCI compliant, don’t procrastinate beginning the penetration test process.
.svg)
