PCI DSS 4.0 Password Requirements: A Guide to Compliance
by Derek Boczenowski on November 20, 2024 at 2:16 PM
As cyber threats evolve, ensuring the security of sensitive payment card data has become increasingly crucial for businesses across all industries. The Payment Card Industry Data Security Standard (PCI DSS) was introduced to provide a framework for safeguarding payment card data. The …
What to Look for When Choosing a SOC 2 Audit Firm
by Derek Boczenowski on May 23, 2024 at 9:30 AM
Selecting a SOC 2 auditor can be challenging for many business leaders. This significant financial commitment demonstrates your dedication to data security to your business partners and customers. With numerous audit firms vying for your SOC 2 business, what criteria should you consid …
What Is a SOC 2 Report and Who Needs One?
by Derek Boczenowski on March 29, 2024 at 11:43 AM
In an era where data security and privacy are paramount, the SOC 2 report emerges as a critical tool for organizations that manage customer data. Tailored to ensure the safeguarding of information, a SOC 2 report not only enhances an organization's credibility but also solidifies its …
NIST Cybersecurity Framework 2.0 – Key Takeaways
by Derek Boczenowski on March 7, 2024 at 1:30 PM
Last week, the National Institute of Standards and Technology (NIST) unveiled the second version of its Cybersecurity Framework (CSF), marking the first major new updates to NIST CSF since the framework's inception ten years ago. Initiated by Executive Order 13636, the development of …
Understanding the Key Differences Between IT Governance & Compliance
by Derek Boczenowski on February 2, 2024 at 3:00 PM
In the dynamic landscape of business expansion and evolution, distinguishing between IT governance and compliance becomes not just beneficial, but essential. While both are pillars in safeguarding organizations against a myriad of risks, they differ in their core objectives, methodolo …
What is Protected Health Information (PHI)?
by Derek Boczenowski on January 3, 2024 at 4:30 PM
Protected Health Information (PHI) is a key element in healthcare, governed by stringent legal and ethical standards. This blog explores what PHI encompasses, its significance under HIPAA regulations, and the crucial distinction between PHI and electronic PHI (ePHI). The blog also del …