SecurityMetrics Podcast

Join us on this extra long episode as SecurityMetrics experts Jen Stone, Gary Glover, Aaron Willis and Chad Horton dive deep into the evolving landscape of PCI compliance for e-commerce businesses. With the deadline for PCI 4.0 rapidly approaching, understanding the new requirements for e-commerce is crucial.

In this episode, our panelists discuss:

• Understanding PCI 4.0 for e-commerce: Learn about the key changes and their implications for your business, especially if you're a small or medium-sized enterprise.
• Combatting e-commerce skimmers: Discover how attackers target online transactions and the measures you can take to protect your customers' data.
• The power of script analysis: Understand how script scanning can help identify and mitigate vulnerabilities on your e-commerce website.
• Securing dynamic content: Explore the challenges of protecting websites with constantly changing content.
• Choosing the right security solution: Weigh the pros and cons of agent-based and agentless solutions, considering the specific needs of your business.

Whether you're a seasoned PCI professional or just starting your compliance journey, learn this episode provides valuable insights to help you safeguard your e-commerce business and protect your customers' sensitive information.

Request a Quote for a PCI Audit ► https://www.securitymetrics.com/pci-audit

Request a Quote for a Penetration Test ► https://www.securitymetrics.com/penetration-testing

Get the Guide to PCI DSS compliance ► https://www.securitymetrics.com/lp/pci/pci-guide

Get FREE security and compliance training ► https://academy.securitymetrics.com/

Get in touch with SecurityMetrics' Sales Team ► https://www.securitymetrics.com/contact/lets-get-you-to-the-right-place

Download the guide: https://www.cisecurity.org/insights/white-papers/from-both-sides-a-parental-guide-to-protecting-your-childs-online-activity

Are you a parent looking for guidance on how to keep kids safe online? Join us for a candid conversation with Sean Atkinson, CISO at the Center for Internet Security, and his daughter, Emma, as they discuss their journey of creating a guide designed to help families have conversations about online safety.

In this episode, you'll learn:

• Why open communication is key: Discover how Sean and Emma fostered an environment of trust and understanding about online safety.
• Common online dangers: Understand the risks your child may face, such as sharing personal information, cyberbullying, and meeting strangers online.
• Practical tips for parents: Get actionable advice on how to set boundaries, have difficult conversations, and create a safe online space for your child.

Whether you're a new parent or a seasoned digital native, this podcast will help you start conversations and find resources to help you protect your child in the ever-evolving online world.

Request a Quote for a PCI Audit ► https://www.securitymetrics.com/pci-audit

Request a Quote for a Penetration Test ► https://www.securitymetrics.com/penetration-testing

Get the Guide to PCI DSS compliance ► https://www.securitymetrics.com/lp/pci/pci-guide

Get FREE security and compliance training ► https://academy.securitymetrics.com/

Get in touch with SecurityMetrics' Sales Team ► https://www.securitymetrics.com/contact/lets-get-you-to-the-right-place

Links from the episode:
https://405d.hhs.gov/

Discover the latest trends and threats in healthcare cybersecurity. This episode explores the real-world impact of cyberattacks on patient care, the vulnerabilities of medical devices, and the strategies organizations can implement to protect their sensitive data.

Request a Quote for a PCI Audit ► https://www.securitymetrics.com/pci-audit

Request a Quote for a Penetration Test ► https://www.securitymetrics.com/penetration-testing

Get the Guide to PCI DSS compliance ► https://www.securitymetrics.com/lp/pci/pci-guide

Get FREE security and compliance training ► https://academy.securitymetrics.com/

Get in touch with SecurityMetrics' Sales Team ► https://www.securitymetrics.com/contact/lets-get-you-to-the-right-place

Confused about PCI DSS compliance standards? This video breaks down each available SAQ type, including: SAQ-A, SAQ P2PE-HW, SAQ D for Service Providers, and the newly introduced SAQ SPoC for PCI DSS 4.0.

Learn which one is right for your business based on your payment processing environment.

Learn about:

• Different SAQ types for merchants
• Eligibility criteria for each SAQ type
• Factors to consider when choosing a SAQ type
• Simplifying your PCI compliance

Listen now to learn what your business can do to protect itself from data breaches and be compliant.

#PCIcompliance #paymentsecurity #merchant #smallbusiness #cybersecurity

https://www.youtube.com/watch?v=XoR0Tt8uHl4 

Request a Quote for a PCI Audit ► https://www.securitymetrics.com/pci-audit

Request a Quote for a Penetration Test ► https://www.securitymetrics.com/penetration-testing

Get the Guide to PCI DSS compliance ► https://www.securitymetrics.com/lp/pci/pci-guide

Get FREE security and compliance training ► https://academy.securitymetrics.com/

Get in touch with SecurityMetrics' Sales Team ► https://www.securitymetrics.com/contact/lets-get-you-to-the-right-place

Join Jen Stone as she chats with DevOps engineer and Day Two DevOps podcaster Kyler Middleton about her unique journey from a rural upbringing to becoming a DevOps expert. Discover how Kyler's passion for teaching led her to a career in technology, and learn about the importance of automation and documentation in building secure and efficient cloud environments.

This episode dives deep into DevOps practices, the role of Terraform, Azure vs AWS, and the challenges organizations face when adopting cloud technologies. Kyler shares valuable insights on overcoming common hurdles, fostering a blameless culture, and the future of DevOps. Don't miss this engaging conversation!

Hosted by Jen Stone, Principal Security Analyst (MCIS, CISSP, CISA, QSA).

[Disclaimer] Before implementing any policies or procedures you hear about on this or any other episodes, make sure to talk to your legal department, IT department, and any other department assisting with your data security and compliance efforts.

Request a Quote for a PCI Audit ► https://www.securitymetrics.com/pci-audit

Request a Quote for a Penetration Test ► https://www.securitymetrics.com/penetration-testing

Get the Guide to PCI DSS compliance ► https://www.securitymetrics.com/lp/pci/pci-guide

Get FREE security and compliance training ► https://academy.securitymetrics.com/

Get in touch with SecurityMetrics' Sales Team ► https://www.securitymetrics.com/contact/lets-get-you-to-the-right-place

Worried about hotel hacking? This episode unveils the cybersecurity protocols of resorts like Atlantis. ️

Dive deep into the unique challenges of cybersecurity in hospitality, from balancing guest convenience with ironclad defenses to training a diverse workforce.

Tsega Thompson, Executive Director of Cybersecurity and Data Privacy at Atlantis Resorts, shares her insights on:

• Getting into Cybersecurity
• Special Challenges of Cyber in the Hotel Industry
• Training your workforce effectively

This is your essential guide to cybersecurity in the hospitality industry, packed with valuable tips for travelers and hospitality professionals alike.

Hosted by Jen Stone, Principal Security Analyst (MCIS, CISSP, CISA, QSA).

[Disclaimer] Before implementing any policies or procedures you hear about on this or any other episodes, make sure to talk to your legal department, IT department, and any other department assisting with your data security and compliance efforts.

Request a Quote for a PCI Audit ► https://www.securitymetrics.com/pci-audit

Request a Quote for a Penetration Test ► https://www.securitymetrics.com/penetration-testing

Get the Guide to PCI DSS compliance ► https://www.securitymetrics.com/lp/pci/pci-guide

Get FREE security and compliance training ► https://academy.securitymetrics.com/

Get in touch with SecurityMetrics' Sales Team ► https://www.securitymetrics.com/contact/lets-get-you-to-the-right-place

Is your penetration testing just a compliance formality? This episode of the SecurityMetrics Podcast redefines pen testing as a strategic partnership, empowering you to get the most out of your assessments.

Join Jen Stone and James Farnsworth as they discuss:

• The critical role of scoping: Learn how to align business needs with technical assessments for a truly impactful pen test.
• The difference between a vulnerability scan and a penetration test
• Unlocking report potential: Discover how to leverage pen testing reports for maximum security benefit.
• Tips for fostering a successful collaboration with your pen testing service.

Stop seeing penetration testing as a checkbox exercise and transform it into a powerful tool for boosting your organization's security posture.

Bonus Resources:

• PenTest FAQs:https://www.youtube.com/watch?v=EECUTDMn43U 
• James' Previous Episode: Hacking Your Career: How to Become a Penetration Tester | SecurityMetrics Podcast 95

Hosted by Jen Stone, Principal Security Analyst (MCIS, CISSP, CISA, QSA).

[Disclaimer] Before implementing any policies or procedures you hear about on this or any other episodes, make sure to talk to your legal department, IT department, and any other department assisting with your data security and compliance efforts.

Request a Quote for a PCI Audit ► https://www.securitymetrics.com/pci-audit

Request a Quote for a Penetration Test ► https://www.securitymetrics.com/penetration-testing

Get the Guide to PCI DSS compliance ► https://www.securitymetrics.com/lp/pci/pci-guide

Get FREE security and compliance training ► https://academy.securitymetrics.com/

Get in touch with SecurityMetrics' Sales Team ► https://www.securitymetrics.com/contact/lets-get-you-to-the-right-place

This episode of the SecurityMetrics Podcast is a valuable resource for MSPs who want to learn more about HIPAA compliance and how to better serve their healthcare clients. Join Jen Stone and David Sims to learn more about how Managed Service Providers (MSPs) can empower healthcare organizations to achieve HIPAA compliance.

Learn about:

• The challenges of data discovery and data sprawl in healthcare organizations.
• The importance of having a documented HIPAA compliance program.
• The difference between required and addressable HIPAA controls.
• Choosing the right MSP for your healthcare organization
• How to successfully collaborate with HIPAA compliance officers within healthcare organizations.
• Why HIPAA Compliance goes beyond a BAA

Bonus Resources:

David Sims and Donna Grindle’s Podcast: Help Me With HIPAA (@Helpmewithhipaa) https://helpmewithhipaa.com/
HIPAA for MSPs: https://www.hipaaformsps.com/
American Institute of Healthcare Compliance (AIHC): https://aihc-assn.org/

SM Podcast Episodes with Donna Grindle:

• HHS 405(d) Fundamentals: A Guide for Healthcare Providers and MSPs | SecurityMetrics Podcast 92
• HIPAA Basics: Where to Start with Practices and Training | SecurityMetrics Podcast 63
• HHS 405(d) - What You Need To Know | SecurityMetrics Podcast 45
• Business Continuity during Healthcare Crisis | SecurityMetrics Podcast 6

Hosted by Jen Stone, Principal Security Analyst (MCIS, CISSP, CISA, QSA).

[Disclaimer] Before implementing any policies or procedures you hear about on this or any other episodes, make sure to talk to your legal department, IT department, and any other department assisting with your data security and compliance efforts.

Request a Quote for a PCI Audit ► https://www.securitymetrics.com/pci-audit

Request a Quote for a Penetration Test ► https://www.securitymetrics.com/penetration-testing

Get the Guide to PCI DSS compliance ► https://www.securitymetrics.com/lp/pci/pci-guide

Get FREE security and compliance training ► https://academy.securitymetrics.com/

Get in touch with SecurityMetrics' Sales Team ► https://www.securitymetrics.com/contact/lets-get-you-to-the-right-place

Struggling to automate security tasks? Feeling overwhelmed by the process?
This episode of the SecurityMetrics podcast dives deep into the world of automation with guest Mollie Breen, founder and CEO of Perygee. Mollie, a recognized cybersecurity and innovation expert, dismantles the myth of automation being a complex "one size fits all" solution.

In this episode, you'll learn:
- How to identify the best manual processes to automate for maximum impact
- Practical steps to overcome common automation friction points
- How to leverage AI to enhance automation efforts and make them even more efficient
- The exciting future of automation and AI in the security landscape
- Real-world use cases that showcase the power of automation


Whether you're a security professional or simply looking to streamline workflows, this episode offers valuable insights and actionable tips to get you started.

Hosted by Jen Stone, Principal Security Analyst (MCIS, CISSP, CISA, QSA)

[Disclaimer] Before implementing any policies or procedures you hear about on this or any other episodes, make sure to talk to your legal department, IT department, and any other department assisting with your data security and compliance efforts.

Request a Quote for a PCI Audit ► https://www.securitymetrics.com/pci-audit

Request a Quote for a Penetration Test ► https://www.securitymetrics.com/penetration-testing

Get the Guide to PCI DSS compliance ► https://www.securitymetrics.com/lp/pci/pci-guide

Get FREE security and compliance training ► https://academy.securitymetrics.com/

Get in touch with SecurityMetrics' Sales Team ► https://www.securitymetrics.com/contact/lets-get-you-to-the-right-place

There are four key questions to ask about your data: Where is it? What data do you have? Who has access? What risks are associated with how the data is accessed? Tune in this week as Jen Stone sits down with award-winning entrepreneur, Ani Chaudhuri, to discuss data security and data risk management.

Listen to learn:

• Why automation is essential for effective data security.
• The importance of a "human-assisted" approach to data security.
• How Ani's company helps organizations achieve data security goals.

Hosted by Jen Stone, Principal Security Analyst (MCIS, CISSP, CISA, QSA)

[Disclaimer] Before implementing any policies or procedures you hear about on this or any other episodes, make sure to talk to your legal department, IT department, and any other department assisting with your data security and compliance efforts.

Request a Quote for a PCI Audit ► https://www.securitymetrics.com/pci-audit

Request a Quote for a Penetration Test ► https://www.securitymetrics.com/penetration-testing

Get the Guide to PCI DSS compliance ► https://www.securitymetrics.com/lp/pci/pci-guide

Get FREE security and compliance training ► https://academy.securitymetrics.com/

Get in touch with SecurityMetrics' Sales Team ► https://www.securitymetrics.com/contact/lets-get-you-to-the-right-place