The PCI Penetration Test Scoping Mistake You Don't Want to Make
October 05, 2016 | POSTED BY GEOFF WILSON IN COMPLIANCE, PCI
Most penetration testers are focused on one thing and one thing only: compromising the client. Heck, that's what they are being paid for, right?
That doesn't even make my top four goals. I see a penetration test as a building block for a larger securit...READ MORE +
What OCR Breach Data Tells Us about Healthcare Information Security
September 29, 2016 | POSTED BY GEOFF WILSON IN COMPLIANCE, HIPAA
Is your healthcare information security program aligned with the current threat landscape?
I periodically review the DHHS Office of Civil Rights (OCR) Breach Portal Data to better understand the US healthcare threat landscape.
Here's what I found wi...READ MORE +
Key Application Security Questions for IT Organizations
September 29, 2016 | POSTED BY GEOFF WILSON IN APPLICATION SECURITY
It's time we give application security the attention it requires. All IT organizations need to address application security. It doesn't matter if you develop applications in-house or buy third party-developed applications.According to the Ponemon Inst...READ MORE +