Patients’ medical records are some of the most attractive targets for theft. The US Department of Health and Human Services (HHS) designated them as protected health information (PHI) in the…
-
Some regulatory frameworks explicitly require penetration testing from eligible parties. But even those that don’t require it outright may still have other mandates that would be met or exceeded efficiently…
-
Achieving and maintaining HIPAA compliance is critical for the long-term success of healthcare organizations and their business associates. The Health Insurance Portability and Accountability Act (HIPAA) establishes strict requirements for…
-
For organizations looking to begin penetration testing, two available options include online (automated) and offline (manual) tests. While automating allows for more frequent and faster testing, manual testing has its…
-
Service organizations that need to become SOC 2 compliant often struggle with scoping out their SOC 2 Report. Other issues include covering gaps in the control layout and allocating the…
-
In the world of financial transactions, the acronym PCI is the most common term used and refers to the Payment Card Industry. (The longer version is PCI DSS, or Payment…
-
The impending European Union General Data Protection Regulation (GDPR) represents a sea-change in a company’s security strategies, transcending checkbox compliance programs.
-
Looking to pen test your website? Follow this five-step plan for a successful exercise: Prepare your defenses to ensure simulated attacks provide the deepest insights. Negotiate with the testing team…
-
Without a doubt, Bitcoin, cryptocurrency, and the blockchain are in the process of revolutionizing the entire landscape of global finance. Experts from major think tanks like the MIT Technology Review…
-
What compels your click? By now most of us recognize obvious spam emails that invite you to view celebrity gossip news or lure you in via offers of free travel…