It is important to know what data you actually store, process, and/or transmit.
As you implement your cybersecurity program, make sure you understand why a security control is required so you can structure tools and processes around the protection each control offers.
You are required to use industry-accepted configuration and hardening standards when setting up systems that are part of your PCI scope.
The Self-Assessment Questionnaire (SAQ) B-IP is intended for payment channels where cardholder data is processed using IP-connected PTS-approved point-of-interaction terminals.
In 2023, we've got three predictions of cyber attacks that we think will be the most prevalent this year
Third-party security risk management (TPRM) is the process of analyzing and addressing risks associated with outsourcing to third-party vendors or service providers.
The HIPAA minimum necessary rule helps covered entities manage healthcare information by requiring them to limit access to and disclosure of PHI.
Many healthcare entities haven’t yet separated the difference between the HIPAA Security Rule and HIPAA Privacy Rule.
Not all approved scanning vendors are created equal
The most commonly asked customer questions about the vulnerability scanning process.
When delete doesn’t actually delete, it can increase your vulnerability.
HIPAA compliance is a process, not a destination . . . but it doesn’t hurt to know your timeframe.
Learn the fundamentals of vulnerability scanning, especially for PCI compliance requirements.
Learn why your firewall may make you vulnerable and how SecurityMetrics Managed Firewall can help.
In order to comply with PCI Requirement 8, you need to practice proper password and username management.
If you are a service provider who stores credit card data, PCI SAQ D likely applies to you.
Segmentation is important for preventing breaches and hacks, as well as a method to reduce PCI scope.
We are strongly encouraging all SecurityMetrics clients that use Kaseya VSA software in their environment to follow the recommended guidance provided by CISA and the FBI provided below.
The HIPAA Privacy Rule is crucial for protecting PHI and ensuring patient privacy. Learn about HIPAA PHI compliance with our free guide.
Formjacking is a type of cyber attack where hackers inject malicious JavaScript code into a webpage form–most often a payment page form.
Learn what’s required to fill out SAQ A.
Learn how to effectively respond to security breaches and prevent future attacks.
Learn how PCI compliance in the cloud affects your organization. "The cloud" brings up an idea of something mysterious and far away, but in reality, “the cloud” is a third-party-managed physical server.
.svg)