Everything You Need to Know About How to Manage PHI
HIPAA

Fully understanding all the PHI you have, where it is stored, what processes touch it, and how it is used in your organization is critical to enabling a business to properly manage PHI.

5 Steps to Secure Your Healthcare Organization
HIPAA

Securing your healthcare organization should be a priority. Healthcare organizations are especially vulnerable to attacks because they cannot afford to be shut down.

HIPAA Guidelines Simplified in the 2022 HIPAA Guide
HIPAA Audit

HIPAA laws and cybersecurity are not simple. To ensure your institution never has a false sense of security, we created our seventh edition Guide to HIPAA Compliance.

Auditor Tips: Requirement 4: Sending Data Over Open And Public Networks
PCI

Know exactly where CHD is coming from and being sent to, inside and outside of your organization.

Auditor Tips: Requirement 3: Protect Cardholder Data
PCI

It is important to know what data you actually store, process, and/or transmit.

Auditor Tips: PCI DSS Responsibilities and Challenges
PCI

As you implement your cybersecurity program, make sure you understand why a security control is required so you can structure tools and processes around the protection each control offers.

Auditor Tips: Requirement 2: System Configuration
PCI

You are required to use industry-accepted configuration and hardening standards when setting up systems that are part of your PCI scope.

Performing an SAQ B-IP version 4.0 Self-Assessment
PCI Trends

The Self-Assessment Questionnaire (SAQ) B-IP is intended for payment channels where cardholder data is processed using IP-connected PTS-approved point-of-interaction terminals.

2023 Forensic Predictions
Forensics

In 2023, we've got three predictions of cyber attacks that we think will be the most prevalent this year.

Who Owns Third-Party Security Risk Management
Data Security

Third-party security risk management (TPRM) is the process of analyzing and addressing risks associated with outsourcing to third-party vendors or service providers.

5 Minimum Necessary HIPAA PHI Tips
HIPAA

The HIPAA minimum necessary rule helps covered entities manage healthcare information by requiring them to limit access to and disclosure of PHI.

How Much Does a HIPAA Risk Management Plan Cost?
Risk Assessment

Many healthcare entities haven’t yet distinguished between the HIPAA Security Rule and the HIPAA Privacy Rule.

SecurityMetrics Vulnerability Scanning Process FAQ
Vulnerability Scanning

The most commonly asked customer questions about the vulnerability scanning process.

How to Permanently Delete Files with Sensitive Data
Data Security

When delete doesn’t actually delete, it can increase your vulnerability.

What is HIPAA Compliance, and How Long Will It Take?
HIPAA

HIPAA compliance is a process, not a destination . . . but it doesn’t hurt to know your timeframe.

Vulnerability Scanners 101: What, Why, and How to Comply
Vulnerability Scanning

Learn the fundamentals of vulnerability scanning, especially for PCI compliance requirements.

Configure and Maintain Your Firewall
Data Security

Learn why your firewall may make you vulnerable and how SecurityMetrics Managed Firewall can help.

PCI Requirement 8: Combatting Weak Passwords and Usernames
PCI

In order to comply with PCI Requirement 8, you need to practice proper password and username management.

SAQ D: What's Required for Service Providers
PCI Audit

If you are a service provider who stores credit card data, PCI SAQ D likely applies to you.

How Does Network Segmentation Affect PCI Scope?
PCI

Segmentation is important for preventing breaches and hacks, as well as a method to reduce PCI scope.

Kaseya VSA Software SecurityMetrics Response
Forensics

We are strongly encouraging all SecurityMetrics clients that use Kaseya VSA software in their environment to follow the recommended guidance from CISA and the FBI provided below.

What is the HIPAA Privacy Rule?
HIPAA

The HIPAA Privacy Rule is crucial for protecting PHI and ensuring patient privacy. Learn about HIPAA PHI compliance with our free guide.