What is network penetration testing? PCI DSS Requirement 11 calls for regular vulnerability scanning and penetration testing.
The FBI has reported an increase in discovered and reported attacks against all organizations, with 83% of ransomware attacks against healthcare.
PCI DSS compliance is a great tool not only for protecting payment data, but also for overall data security.
2022 Forensic Predictions: SecurityMetrics Forensic Investigators have witnessed the rise and fall of popular attack trends over 20 consecutive years.
Data privacy and protection (DPP) laws aren’t entirely new to the security and compliance landscape, but the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) are prompting many organizations to take a more formal approach to DPP.
This blog explains how to do a quick risk assessment on an app in the app store or one that you’ve downloaded on your phone to determine if an app is secure.
Businesses must ensure their key servers, certificate authorities, OpenSSL libraries, and server updates are secure.
A review of the 2021 security year and our predictions of the things we think will be at the forefront of cybersecurity this year.
Phishing email scams remain one of the top threats to companies.
To help you focus your cybersecurity efforts, we've compiled our top 5 blogs to help you prepare for 2022.
How to prepare for cybersecurity in 2021. We outline the top five blogs to help you train employees, understand the threat landscape, avoid malware, and support compliance efforts as you head into 2021.
What area of your business would benefit the most from a penetration test?
Increasing Satisfaction in PCI DSS Programs for Acquirers and ISOs: Learn why PCI DSS programs are beneficial to businesses and how to manage expectations around PCI programs.
From COVID-related challenges to firewall configuration to e-commerce web skimming, SecurityMetrics Cybersecurity Conference and Summit 2020 provided cybersecurity content and sessions for everyone in the data security and compliance industry.
New cybersecurity threats were popping up rapidly going into 2020. We analyzed the trends and made predictions for the rest of the year.
Jen Stone is a Principal Security Analyst for SecurityMetrics. In her 4 years at SecurityMetrics, she has completed over 100 security assessments that include PCI, HIPAA, CIS CSC (SANS Top 20) and 23 NYCRR 500.
With the upheaval and uncertainty many are experiencing around the world during the COVID-19 pandemic, we are more committed than ever to our mission.
MITREid Connect Cross-site Scripting Vulnerability: CVE-2020-5497. Here's the situation: I was performing a penetration test that integrated with MITREid Connect for authorization.
Matt Halbleib holds QSA (Qualified Security Assessor), PA-QSA (Payment Application Qualified Security Assessor), and CISSP (Certified Information Systems Security Professional) security certifications and, as a qualified assessor for the Payment Card Industry, has completed over 100 PCI DSS, PA-DSS and P2PE security assessments.
Hopefully this incident helps both healthcare to remember the fragility of patient data protection.
Health organizations have been hit hard—the healthcare industry experienced 23.7% of total data breaches.
PCI for SMBs: as an SMB owner, your business size and card processing environment will ultimately determine which SAQ you need to follow.
The Payment Card Industry Security Standards Council (PCI SSC) recently announced the release of PCI DSS 3.2.1.