A board reporting checklist for CISOs
Transform your cybersecurity strategy from reactive to proactive with the Comprehensive Guide to Cyber Ranges. Learn how high-fidelity simulated environments empower security professionals to train, test, and respond effectively to evolving threats.
The importance of reputation and resilience in cybersecurity
Discover the Winter 2024 Grid® Report for Third Party & Supplier Risk Management Software. Get insights into leading solutions like UpGuard, Secureframe, and more. Learn about features, satisfaction ratings, and market presence to make informed decisions for your risk management needs
The data and insights in this report are based on an online survey conducted in November 2022 among 209 security and IT leaders and executives, security administrators, and compliance professionals in the U.S. from CRA’s Business Intelligence research panel. The objective of this study was to reveal organizations’ experience with cybersecurity attacks originating from third parties as well as their assessments of their supply chain visibility, and other issues related to managing third-party risk.
Stay informed about the evolving landscape of cybersecurity threats stemming from third-party breaches with a comprehensive overview of recent incidents and legislative responses.
Understanding the Payment Card Industry Data Security Standard version 4.0.
A comprehensive checklist
The PCI SSC covers 15 different PCI security standards and specifies where they apply to the payment process. For the topic of PCI DSS 4.0 pillar 2 and 4 stand out specifically as a driving factor for this new standard and its requirements. All organizations that are covered by PCI DSS 4.0 must comply with the new standards by March 31, 2024. A new addition to the standard as compared to the 3.x one is the inclusion of APIs. (The changes between v3.2.1 and 4.0 are outlined in this white paper.
Overcoming Staffing and Compliance Challenges in Cyber Risk Management
This document was developed to help merchants and service providers understand the Payment Card Industry Data Security Standard (PCI DSS) Self-Assessment Questionnaires (SAQs). To understand the SAQs, which strategies your organization can use to facilitate the completion of a PCI DSS SAQ, and which SAQ your organization is eligible to complete, we recommend that you review this Instructions and Guidelines document in its entirety.
The 15 Providers That Matter Most And How They Stack Up
Building cyber resilience for resource-constrained teams
PCI DSS v4.0 introduced the concept of targeted risk analysis (TRA) and includes two different types of TRAs. A description of each, answers to frequently asked questions, and a table that lists the PCI DSS requirements that specify completion of TRAs to define how frequently to perform an activity are provided in this document.