Blog
Insights for Reasonable Cyber Security and Compliance
What’s happening in the world of cybersecurity? How do you define 'reasonable' security controls? Which cyber threats can be prevented? What steps should you take to make your systems safer? Read our blog posts to gain new insights into cybersecurity news, security awareness, the latest threats and risks, penetration testing, compliance, regulations and so much more.
Eye Care Network Settles Data Breach Suit for $3 Million
20/20 Eye Care Network, Inc. is a managed vision care company that offers a complete array of third-party services through its network of ophthalmologists, ambulatory surgical centers, and retail vision centers. The company is based in Hialeah, FL and is owned by its parent company, iCare Health Solutions, an ocular health services provider for health plans.
HALOCK Presenting on PCI Compliance at The Payments Academy Annual Conference
Viviana Wesley of HALOCK Security Labs and Justin Evans of the University of Iowa will be presenting at The Payments Academy Annual Conference, held May 7-10, 2023, in Indianapolis, Indiana. Registration details are available on the website.
International Women’s Day | Women in Cybersecurity
International Women’s Day is a global day celebrating the social, economic, cultural and political achievements of women. And what better way to celebrate than by recognizing the progress women have made in cybersecurity?
SAQ Comparison Summaries Webinar
We’ve compared the version 3.2.1 and version 4.0 Self-Assessment Questionnaires.
Join Viviana Wesley to learn about the differences in SAQ types: A, A-EP, B, B-IP, C, C-VT and P2PE.
How to do Targeted Risk Analysis using a Duty of Care Risk Analysis Method Webinar
In version 4.0, all periodic cadence requirements must be justified with a targeted risk analysis. Also, if the customized approach is used to validate compliance with a requirement, a targeted risk analysis must be performed.
Webinar: A Deep Dive into the New 4.0 DSS Requirements Applicable Immediately
There are 14 new requirements that are effective immediately for any PCI DSS 4.0 validation. Join Viviana Wesley for a deep dive into these requirements so your organization can start working on these right away.
Webinar: A Deep Dive into the Emerging New 4.0 DSS Requirements that are Due by March 2025
There are 51 requirements that are best practices until March of 2025. Some will be process related and some will require technology or program changes.
Preparing for Your Transition to PCI DSS v4.0 Webinar
PCI DSS v3.2.1 expires on March 31, 2024. Organizations should now be planning their transition to PCI DSS v4.0. With 64 new requirements in PCI DSS v4.0, companies have a lot to consider in preparation for the coming deadline. In our 5-part PCI Webinar Series, learn about the general changes to 4.0, new requirements, best practices, and how an increased focus on risk evaluations in this new version will be a driving force for security and compliance. Register for the first session and view details of the other four webinars below.