Pretend PCI DSS compliance is a high bar. How you handle cardholder data will determine whether you have to throw a small, light portion of your network over the bar or the whole hulking mass of it.
IT service providers can make compliance easier -- but how?

The top cause of security vulnerabilities is outdated and unpatched systems. See the data to prove it, and know which types of systems are more commonly out of date.
Inside you'll see the top 10 external security vulnerabilities, the top 10 internal vulnerabilities, and the most common causes, all found in the 2014 Global Threat Intelligence Report.

This year's Verizon Data Breach Investigations Report has a lighter tone, but its data and analysis are as sobering as ever.
Get insights and charts from the report, and see which types of security incidents happen most often in your clients' industries.

IT providers, do you have clients in healthcare? Do you handle their patient data? If yes, then you are almost certainly required to protect that data by HIPAA.
HIPAA calls this data “electronic protected health information,” or ePHI. Essentially, it is electronic information about a patient. It can be anything from a patient’s phone number to a recent diagnosis.
HIPAA requires healthcare organizations to protect this data. It also requires their “business associates” to protect it – and that includes their IT service providers.

Malware sites increasingly use services like Google and GoDaddy for hosting. The Washington Post even called Amazon a “hornet’s nest of malware.”
These trends and others are described in the SERT Quarterly Threat Intelligence Report Q4 2013. We dig through the report to give you the top malware sites, hosting providers, and more to watch out for.