CISO, vCISO, Security Program

What is a Tabletop Exercise and Why is it Valuable? – An interview with Aaron Wheeler, Truvantis Security Consultant

In this interview with Truvantis CEO Andy Cottrell, Aaron Wheeler discusses conducting tabletop exercises and how his clients derive value. What is a Tabletop Exercise? “It's a chance for clients to stress test environment policies and procedures. In our case, business


CISO, vCISO, Security Program

Why is Cybersecurity Difficult? – An interview with Jennifer Hill, Truvantis Security Consultant

In this interview with Truvantis CEO Andy Cottrell, Jenny Hill discusses the challenges and evolution of security programs she sees across industries. In theory, cybersecurity should be easy. Why is it so hard? “It never stays stagnant. Every minute


PCI DSS

PCI DSS Version 4 – Controversial Topics with The PCI Dream Team

The Truvantis Risk Radar welcomed the PCI Dream Team to the first stop of their 2023 book tour. Their new book is called, “The Definitive Guide to PCI DSS Version 4”. The authors have more than 50 years of combined PCI experience. When it comes to


PCI DSS

The New Customized Approach for PCI DSS Version 4 - The PCI Dream Team

The Truvantis Risk Radar welcomed the PCI Dream Team to the first stop of their 2023 book tour. Their new book is called, “The Definitive Guide to PCI DSS Version 4”. The authors have more than 50 years of combined PCI experience. When it comes to


Penetration Testing, Security Program, Risk Assessment, Red Team

Penetration Testing – Stories from the Field by William Suthers

William gets to the point of what a pen test should do for your business and how to avoid costly mistakes.


PCI DSS

The State of Computer Security in the US According to the PCI Dream Team

The Truvantis Risk Radar welcomed the PCI Dream Team to the first stop of their 2023 book tour. Their new book is called, “The Definitive Guide to PCI DSS Version 4”. The authors have more than 50 years of combined PCI experience. When it comes to


HIPAA, Security Program, CCPA

Data Breach in the Healthcare Industry – The High Cost of Doing Nothing

As technology advances and the reliance on digital systems grows, the risk of data breaches in the health-tech sector has increased significantly. This article explores the implications healthcare providers face following data breaches, focusing on


Privacy

Tennessee's New Privacy "Shield": 3 Tips for Approaching the NIST Privacy Framework by Jerrod Montoya

What's new with State Privacy Laws? There are now ten comprehensive privacy laws enacted in the United States. The new 2023 laws include those in Montana, Indiana, Iowa, Tennessee, and Texas. These laws join existing laws, including California,


CIS Controls, Security Program

Beyond the Breach

Ok, so you had a data breach. What do you do next? Some experts warn that it's not a matter of 'if' but 'when' your information management system will get breached. Time-to-detection and time-to-recovery are essential factors of business continuity.


PCI DSS

Are You Ready for PCI DSS 4.0? - Advice from Jeff Hall, the PCI Guru

NOTE: PCI DSS compliance is mandated by the contracts merchants sign with the card brands (Visa, MasterCard, etc.) and the banks that handle their payment processing. In a few states it is also a law. We asked recognized expert Jeff Hall,
