The Most Impactful Changes to PCI DSS v4.0

by Hannah Grace Holladay / March 21, 2024

Auditor Insights Webinar Recap The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards established to protect credit and debit card transactions from fraud and data breaches. The standard is updated regularly to adapt to new security threats and changes in technology. Version 4.0 will be released and required by March 2025.  In this webinar hosted by PCI-expert Randy Bartels, we explore the most impactful…

5 Questions to Ask When Choosing Your Audit Partner

by Tori Thurmond / June 13, 2023

How do you choose the right audit partner for your compliance journey?   In order to successfully protect your data and your reputation through an information security audit, you must first choose an audit firm. This firm is the entity that will have access to your people, your assets, your data, and your risks. This can be an overwhelming task, but it’s extremely important. Hiring a firm to provide information security…

What CISOs Have to Know about Data Governance 

by Tori Thurmond / June 15, 2023

With the amount of data organizations possess today, is true data governance possible anymore? CISOs’ jobs are becoming more challenging with the influx of data—not to mention the risk that goes along with that data.  As a reminder, data governance is defined as –   “An organization’s internal process of ensuring data integrity, confidentiality, availability, quality, transparency, minimization of collection, access and use, defined legal bases for the use of data,…

Man working on computer

5 Ways to Prevent Zero Day Attacks 

by Tori Thurmond / October 4, 2023

Hackers get better at their jobs every day.   It can be overwhelming to try to stay ahead and keep your organization as secure as possible. New ways to capitalize on vulnerabilities within an organization’s security landscape pop up frequently putting your data at risk. One of the methods threat actors use to gain control of your environment is through zero-day attacks.   A zero-day attack, or Day Zero, is a software-related…

Failure is a good thing.

by Hannah Grace Holladay / June 13, 2023

We are wired to avoid failure.  We often do everything in our power to make sure we will succeed at whatever endeavor we embark on and can even become terrified at the possibility of failure. The same is true of an audit – everyone starts their audit journey hoping they won’t fail.  “Are we going to fail?” is such a common question amongst our clients, and we understand that feeling.…