Tune into the SecurityMetrics Podcast this week as host Jen Stone interviews Tillery, Director of Training and Education at Neuvik, to learn about the cybersecurity skills gap and how to bridge it. Listen to learn: How to attain an entry-level cybersecurity position. Why companies should focus more on employee trainings. The benefits of allowing employees time to learn during the workday. Hosted by Jen Stone, Principal Security Analyst (MCIS, CISSP, CISA, QSA) [Disclaimer] Before implementing any policies or procedures you hear about on this or any other episodes, make sure to talk to you ..read more

Tune in this week as Jen Stone sits down with Ryan Leirvik (founder and CEO of Neuvik) to discuss how to effectively communicate cybersecurity risk to a board of directors. Listen to learn: How to frame cybersecurity risks in a way that aligns with business objectives and priorities. How to break down complex security concepts for executives. How to create a healthy relationship with executives. Hosted by Jen Stone, Principal Security Analyst (MCIS, CISSP, CISA, QSA) [Disclaimer] Before implementing any policies or procedures you hear about on this or any other episodes, make sure to talk ..read more

Tune in this week as Jen Stone sits down with Donna Grindle (CEO of Kardon) to learn about the Health Industry Cybersecurity Practices (HICP) framework and how the 405(d) initiative and the Health Sector Coordinating Council (HSCC) are working together to provide free cybersecurity guidance to healthcare organizations. Listen to learn: How the HHS provides specific guidance for HIPAA compliance with HICUP. How the 405(d) program provides resources and guidance for HIPAA compliance. The upcoming HIPAA boot camp that is designed to teach healthcare professionals about HIPAA compliance and cybe ..read more

Tune in this week as Jen Stone sits down with Candice Pressinger, an award-winning payment security leader, discussing the critical role acquirers play in the PCI ecosystem. This episode is a valuable resource for merchants seeking to understand acquirer roles in PCI compliance and gain insights into the broader payments industry. Listen to learn: -How acquirers aid merchants in PCI compliance. -The importance of collaboration within the payments industry -How PCI compliance serves as a strong foundation for overall security posture Filmed at the 2023 PCI Community Meeting in Dublin, Ireland ..read more

HITRUST certification can be a significant undertaking. However, with the right guidance and support, organizations can overcome the challenges and establish a strong foundation for data security. Tune in this week as Jen Stone (MCIS, CISSP, CISA, QSA) sits down with Lee Pierce (Director of Enterprise Sales at SecurityMetrics) and Peter Briel (Founder of Privaxi, CISA, CISO, CISM, CCSFP) to discuss how organizations can better approach HITRUST compliance. Listen to learn: How HITRUST differs from HIPAA How HITRUST can be beneficial to your organization How SecurityMetrics and Privaxi ensure ..read more

In this episode of the Security Metrics Podcast, Jen Stone chats with Keith O' Looney, an expert in multi-factor authentication (MFA) and PCI DSS compliance. They discuss the new requirements for MFA in PCI DSS 4.0, the challenges organizations face in implementing MFA, and how behavioral biometrics offer a unique solution. Learn how to navigate the changing landscape of cybersecurity and protect your data with robust authentication measures. Listen to learn: The new PCI DSS 4.0 requirements for multi-factor authentication (MFA), including:  How traditional MFA methods are becoming less ..read more

In this episode of the Security Metrics podcast, Jen Stone chats with Heidi Babi, an ISA, PCIP, and CISSP at Mars Corporation, about managing PCI compliance in a massive, complex organization with hundreds of data flows. Listen to learn: How to break down overwhelming requirements into manageable steps and design flexible solutions for future growth. How to utilize compensating controls and customized solutions to achieve robust security. How to build rapport with internal teams (security, finance, etc.) to create a more functional and effective PCI program for your company. Filmed at the ..read more

Join Jen Stone of SecurityMetrics as she sits down with two industry veterans, Gary Glover (VP of Assessments at SecurityMetrics) and Andy Barratt (VP of Assurance Business at Coalfire), for a lively discussion about their careers, the challenges of PCI compliance, and the unique collaboration they share through the PCI Security Standards Council's GEAR program. Listen to learn: How this vital program that brings together leading QSA companies to provide feedback and influence on PCI standards. Get insights into where the PCI landscape is headed and how GEAR is shaping its evolution. Discove ..read more

In this episode of the SecurityMetrics Podcast, Jeremy King (Regional VP for Europe, Middle East, and Africa at the PCI Security Standards Council) provides an overview of the recent community meeting in Dublin, Ireland, and why it is important for your business to attend the annual PCI Community Meeting. Listen to learn: How the community meeting provides a valuable opportunity to learn about the new requirements and get help with PCI implementation. How assessors are playing a critical role in helping organizations prepare for the transition. Why collaboration is a key theme of the PCI Com ..read more

This episode of the Security Metrics Podcast discusses the transition from the Payment Application Data Security Standard (PA-DSS) to the Software Security Framework (SSF). The guest speaker, Jake Marcinko, is a Standards Manager at the PCI Security Standards Council and chairs the SSF working groups. Listen to learn: How the PCI Security Standards Council is continuously evolving the SSF to keep pace with emerging threats and technologies. Why the SSF replaced the previous Payment Application Data Security Standard (PADSS). The recent updates to SSF to address the increasing use of cloud-ba ..read more