Governance, Risk & Compliance
The Importance of ICS Cybersecurity
For the past 25 years, I have been working with Operational Technology (OT), and for the last 10 I have […] ...
Penetration Testing – What’s New in the PCI DSS v4.0
Penetration testing (pen testing) remains largely the same in PCI version 4.0 as it was intended in PCI version 3.2.1, […] ...
Considerations for merging your IT and OT environments into ICS
Many organizations straddle the barrier between two different worlds: the Operational Technology (OT) world of physical machinery, manufacturing systems, SCADA, […] ...
Five Things You Need to Start Right Now to Get Ready for PCI DSS v4.0
The game, Mrs. Hudson, is ON! Version 4.0 of the PCI DSS has been published, along with the Report on […] ...
PCI DSS 4.0 – Customized Approach Explained
You’ve heard about the new Customized Approach in PCI DSS 4.0 that allows assessed entities to meet […] ...
A Comprehensive and Secure Approach to Offboarding Employees
SSO Security Procedures: An employee has given notice, and it’s time to remove their access. Easy! Right? User access was […] ...
What Steps U.S. Banks Should Do to Ensure They Can Address the FDIC’s New Breach Notification Requirements
Starting May 1, U.S. banks will be required to notify their primary federal regulator of a computer-security incident within 36 […] ...
HIPAA Breach Notification Simplified
Breach notification is spelled out specifically in the HIPAA rule. If a Covered Entity (CE), a Business Associate (BA), or […] ...
PCI DSS 4.0 – The New ROC Template at a Glance
Part 5 of the PCI DSS 4.0 Launch Series. The content of this blog is based solely on the PCI […] ...