Reference Materials





A major university located in the Midwest was interested in comparing HALOCK’s penetration testing services to those of a competitor to see if there were any material differences.





Whether you're implementing a new HIPAA security program or managing an existing program over time, it can be helpful to use a checklist to make sure you're covering all of the necessary steps.

Have an incident response plan in place before you experience an incident. Be sure that your IR plan includes the following 10 items to ensure the incident response progresses as smoothly as possible.

HALOCK’s FastStart Vendor Risk Management (VRM) Checklist allows organizations to initiate a formal VRM Program and get started immediately!

Keeping Security Awareness top-of-mind in your organization is crucial. Use this pen testing checklist as a reference to ensure that the proper practices in your organization are being met.







PCI DSS 3.1 further clarifies the changes made in PCI DSS 3.0 by addressing 30 clarifications to existing requirements, four guidance points that serve to improve understanding of the requirements.

The changes in PCI Data Security Standard (PCI DSS) 3.0 focus on some of the most frequently seen threats and risks that have led to cardholder data breaches.


There is a great deal of information and misinformation in the marketplace with regard to exactly what penetration testing is and what you should expect from a penetration testing company.

If you have some responsibility in your organization for complying with the HIPAA Security Rule, then this guide is for you.















The 8 Questions a Judge Will Ask You after a Data Breach. Define your acceptable level of risk with a duty of care risk assessment.

In 2012, OCR and their audit partner KPMG set out to assess 115 organization and test a new HIPAA audit program, and to see what the current state of HIPAA compliance was.

Staying ahead of security threats is no easy task. One threat that should definitely be on your radar is ransomware.

Business and legal journalists have been expressing disappointment at Judge Paul Magnuson’s decision to allow third party banks to sue Target Corp after their cardholder data breach.






















