Blog

Featured

What Changed with 4.0.1

A Guide to New Requirements in PCI DSS 4.0.1

Get the 2026 SecurityMetrics PCI Guide

Clouds with sun rays behind and text that reads 'The Manufactured Mystery of Mythos'.

The Manufactured Mystery of Mythos

Multiple black fingerprints on white background with one fingerprint highlighted in blue at center.

SecurityMetrics Uncovers a Near 700 Site Global Skimming Operation

New Penetration Testing Requirements, Explained.

How Do New Penetration Test Requirements Affect You?

Penetration Testing

An industry-recognized methodology must be used when conducting a penetration test.

Computer screen with ransomware message warning files are encrypted and countdown to key destruction.

How to Confront Hospital Ransomware

Don’t let your patients’ medical records be taken hostage.

Text reads 'See how merchant levels affect PCI compliance' with illustrations of two buildings and two trees.

How do PCI Merchant Levels Determine PCI Compliance?

Learn more about PCI merchant levels and how they affect PCI requirements.

Diagram showing HIPAA Compliance guide linked to icons for pharmacy, security, and computer.

How Healthcare Security Complacency is Killing Your Organization

Far too many healthcare organizations are losing data and they don’t even know it.

Bar chart showing UK GDPR compliance priority: 35% what is GDPR, 3% not, 5% low, 13% medium, 44% high.

How Prepared are UK Businesses for GDPR?

The EU General Data Protection Regulation (GDPR) will come into effect on May 25, 2018.

2020 SecurityMetrics guide cover for PCI DSS Compliance for merchants and service providers.

How to Become PCI Compliant: The 2020 Guide to PCI DSS Compliance

Payment Card Industry (PCI) compliance is required for any organization that takes payment cards.

Illustration of a work space.

HIPAA Compliant Passwords

Maintaining HIPAA compliant passwords is a key step towards protecting ePHI.

Illustration of letter soup with spoon holding letters 'HIPAA HHS.'

HIPAA Alphabet Soup: Unjumbling the Jargon

HIPAA includes many such acronyms, mostly security-related.

Illustration of a red hospital building with a medical professional and patient inside.

HHS HIPAA Audit Requirements

Don’t forget to document every HIPAA compliance effort as evidence to present to the OCR if your entity is chosen for auditing.

Abstract illustration of four people with paper bags over their heads.

Healthcare's Password Security is Embarrassing

Make the simple change to require unique usernames and passwords on the network level for each one of your staff members.

Illustration of six people around text in the center that says 'HIE' in green letters on white background.

HIE Insecurity and What One HIE Decided to Do About It

If you’re not sure what your HIE should be doing, have a look at ONC’s health IT security resources.

HIPAA Business Associate Agreement text with an illustrated paper besides text with shaking hands.

HIPAA Business Associate Agreement: Who's Really Responsible?

Either manage your business associate security or prepare for a data breach.

Free HIPAA Policy Template with three white stacked papers, a medical symbol, and a yellow lock.

HIPAA Security Policy Free Download

Policies help ensure workforce member security.

Text reading Read the Latest HIPAA Report next to a security report paper with a stethoscope.

HIPAA and the Status of Healthcare: What C-suites Should Know

You can’t afford to be passive anymore; it’s time to be aggressive.

Diagram titled 'The Window of Compromise' showing stages: vulnerability, breach, capture data, extract data, contain breach.

How Long are Businesses Vulnerable Before a Security Breach?

On average, a merchant was vulnerable for 470 days before an attacker was able to compromise the system.

Text 'Get ready for PCI DSS 3.2' next to a blue shield icon on a yellow background.

Here Comes PCI DSS 3.2: What Changes You Should Expect

See what changes PCI 3.2 brings and what you’ll need to do.

Text 'Are you ready for Phase 2?' beside a medical audit document with caduceus symbol on blue background.

HIPAA Audits Phase 2: What You Need to Know

Learn what’s involved in the Phase 2 HIPAA Audit Program and how you can prepare.

2021 SecurityMetrics guide cover to HIPAA Compliance for healthcare entities and business associates.

HIPAA Guidelines Simplified in the 2021 HIPAA Guide

Network security is more crucial than ever for healthcare providers.

Blue cloud icon connected to light blue circuit-like lines on a gray background.

HIPAA Compliance: Storage in the Cloud

HIPAA Compliance in “the cloud” Cloud data storage is a common and convenient option for healthcare organizations.

Forensic File Series: The Case of the Mistaken Malware.

Forensic Files: The Case of the Mistaken Malware

The best way to inspire better security practices is to show examples of true security blunders.

Forensic File Series.

Forensic Files: The Case of the Suspiciously Flawless Investigation

What happens when forensic investigators can’t find evidence of a compromise?

Illustration of mopping the floor with mop and bucket.

Hacking Trends 2014: Hackers Actually Clean Up After Themselves

Hackers are getting smarter than our automated detection tools.

Forensic Files Series: The Case of the Stockpiled Credit Cards

Forensic Files: The Case of the Stockpiled Credit Cards

Hopefully, you'll realize some actions you should take to ensure your own business’ security.

Illustration of two people working at computers.

Auditing Archives: The Case of the Overly Helpful Front Desk Clerk

Front desk clerks are friendly…sometimes to a fault, but friendly doesn’t necessarily equal secure.