Blog

Directive to patch Microsoft Exchange server zero-days immediately SEO Cyberattack: hackers use strategy to push malicious web pages up the rankings Are password managers safe? Experts compare LastPass vs. 1Password

In this SecurityMetrics News episode, Heff and Forrest analyze recent cybersecurity news, including the unprecedented SolarWinds security breach and the FireEye compromise.

For clients of the SecurityMetrics Threat Intelligence Center, we are actively scanning and informing clients of outbound Log4j indicators of compromise.

Join Heff this week as he dives into the Western Digital hard drive vulnerability, the recent bad news from Microsoft, and breach #2 of this year for LinkedIn.

Card data discovery is an important part of payment data security and complying with PCI DSS requirement 3. If you are going to store credit card data, you’ll need to know where it is captured, where it is stored, where it is transmitted, and where it is received.

Protect sensitive data from social engineering attacks.

The role of the third party is evolving.

While most healthcare entities follow the Privacy Rule fairly well, many aren’t compliant in the HIPAA Security Rule.

In 2020, we hosted the first annual SecurityMetrics Summit; a virtual data security and compliance conference on September 23rd and 24th.

Learn how to maximize security through simple practices and employee training.

VPNs are a popular tool that helps businesses make sure outside users are authorized and that transmitted data is encrypted.

The year 2020 was surprising in many ways and the digital forensics industry offered some surprises as well as some more predictable outcomes.

With ecommerce attacks on the rise, it's crucial for businesses to learn how to strengthen their ecommerce security.

Merchants using the SAQ C to validate their PCI DSS compliance should be aware of changes that were introduced into this questionnaire during the publication of the SAQ C version 4.0.

Learn the three essential steps to help you effectively prepare for a HIPAA audit.

Learn 5 basic practices to get PCI compliant, even if you're new to PCI or a compliance veteran.

Get answers to the most common firewall questions.

Web application firewalls rest in front of public-facing web applications to monitor, detect, and prevent web-based attacks.

See how healthcare organizations are managing their firewalls.

PCI Requirement 1 deals with setting up and configuring firewalls to protect your business data.

PCI DSS requires anti-malware software to be installed on all systems that are commonly affected by malware (e.g., Windows).

With March 31, 2025 as a target destination, managed security service providers and enterprises from across the digital commerce chain are taking a measured approach to implementing PCI DSS version 4.0.

This blog will discuss changes to the PCI DSS 4.0 SAQ questionnaires and is based on our Webinar "PCI DSS 4.0: What's New and How It Affects You."

This blog will discuss changes made to the SAQ P2PE version 4.0 and will review the process of performing a self-assessment using the SAQ P2PE.