The Apache Struts project has just released a security bulletin about a new critical vulnerability in the Apache Struts web application framework. Here's how to protect yourself.
The SAQ B is designed for merchant environments where all cardholder data is processed using standalone Point-of-Interaction (POI) terminals connected via an analog phone line.
While convenient, mobile devices on your network can pose a risk to your business.
Learn more about SAQ P2PE and who qualifies for it.
If you have a knack for solving problems, good organizational skills, and attention to detail, cybersecurity might be a good fit for you.
Here are some steps to take to stop information from being stolen, prevent further damage and restore operations as quickly as possible.
PCI PIN refers to the security requirements and assessment for merchants that accept, process or transmit payment card personal identification numbers (PIN).
Amid the chaos and uncertainty, SecurityMetrics remains steadfast in our mission to help you close compliance gaps and prevent data breaches. We stand ready to help with your security concerns, education, and content needs at this time.
Merchants who do not qualify to assess their PCI DSS compliance using any of the simpler self-assessment questionnaires are required to use the SAQ D to validate their compliance.
The way you handle emailing credit card info might just change your scope for PCI DSS compliance.
Your reception desk might be one of the most vulnerable locations in your entire organization for a data breach. W
See the step-by-step ways the average hacker looks for valuable data and what hacking victims should do in response to an attack.
All businesses that handle payment card data, no matter their size or processing methods, must follow these requirements and be PCI compliant.
Let’s take a look at some of the different costs your business could incur as a result of a data breach.
GDPR applies to any organization that processes or holds the personal data of persons residing in the European Union. PCI applies to organizations that handle credit cards from the major card brands.
If you've experienced a data breach, you will probably need a forensic investigation to determine the cause of the breach. Here are some forensic faqs to help you understand the process of a forensic investigation.
A PCI program is a system that acquirers use to keep track of their merchants PCI compliance, and for merchants to receive the training and tools they need to achieve PCI compliance and remain PCI compliant.
Simply installing a firewall on your organization’s network perimeter doesn’t secure your network or make you HIPAA compliant. Proper configuration is critical for HIPAA compliant firewalls.
What should you look for in a PCI program and how will you know which PCI program is right for you?
How do you secure data on mobile devices? Physical security and mobile device policies are good at protecting the device itself, but another way to protect the data on the device is mobile encryption.
To discover your PCI scope and what must be included for yourPCI compliance, you need to identify anything that processes, stores, or transmits cardholder data, and then evaluate what people and systems are communicating with your systems.
.svg)
