SecurityMetrics Podcast

Learn more about cyber risks for small businesses: 

Are you a small-medium business owner? Did you just get a message from your bank telling you to call SecurityMetrics? Are you worried about having a bad experience? Do you know what PCI even means? This episode is for you.

Learn how SecurityMetrics can help you navigate this regulatory landscape. We'll discuss:

• Why your processor is making you do PCI comp...

Join us on this extra long episode as SecurityMetrics experts Jen Stone, Gary Glover, Aaron Willis and Chad Horton dive deep into the evolving landscape of PCI compliance for e-commerce businesses. With the deadline for PCI 4.0 rapidly approaching, understanding the new requirements for e-commerce is crucial.

In this episode, our panelists discuss:

• Understanding PCI 4.0 for e-commerce: Learn about the key changes and their implic...

Download the guide: https://www.cisecurity.org/insights/white-papers/from-both-sides-a-parental-guide-to-protecting-your-childs-online-activity

Are you a parent looking for guidance on how to keep kids safe online? Join us for a candid conversation with Sean Atkinson, CISO at the Center for Internet Security, and his daughter, Emma, as they discuss their journey of creating a guide designed to help families have conversations about ...

Links from the episode:
https://405d.hhs.gov/

Discover the latest trends and threats in healthcare cybersecurity. This episode explores the real-world impact of cyberattacks on patient care, the vulnerabilities of medical devices, and the strategies organizations can implement to protect their sensitive data.

Request a Quote for a PCI Audit ► https://www.securitymetrics.com/pci-audit

Request a Quote for a Penetration Te...

Confused about PCI DSS compliance standards? This video breaks down each available SAQ type, including: SAQ-A, SAQ P2PE-HW, SAQ D for Service Providers, and the newly introduced SAQ SPoC for PCI DSS 4.0.

Learn which one is right for your business based on your payment processing environment.

Learn about:

• Different SAQ types for merchants
• Eligibility criteria for each SAQ type
• Factors to consider when choosing a SAQ type
• Simplifying y...

Join Jen Stone as she chats with DevOps engineer and Day Two DevOps podcaster Kyler Middleton about her unique journey from a rural upbringing to becoming a DevOps expert. Discover how Kyler's passion for teaching led her to a career in technology, and learn about the importance of automation and documentation in building secure and efficient cloud environments.

This episode dives deep into DevOps practices, the role of Terrafo...

Is your penetration testing just a compliance formality? This episode of the SecurityMetrics Podcast redefines pen testing as a strategic partnership, empowering you to get the most out of your assessments.

Join Jen Stone and James Farnsworth as they discuss:

• The critical role of scoping: Learn how to align business needs with technical assessments for a truly impactful pen test.
• The difference between a vulnerability scan and a p...

This episode of the SecurityMetrics Podcast is a valuable resource for MSPs who want to learn more about HIPAA compliance and how to better serve their healthcare clients. Join Jen Stone and David Sims to learn more about how Managed Service Providers (MSPs) can empower healthcare organizations to achieve HIPAA compliance.

Learn about:

• The challenges of data discovery and data sprawl in healthcare organizations.
• The impo...

Struggling to automate security tasks? Feeling overwhelmed by the process?
This episode of the SecurityMetrics podcast dives deep into the world of automation with guest Mollie Breen, founder and CEO of Perygee. Mollie, a recognized cybersecurity and innovation expert, dismantles the myth of automation being a complex "one size fits all" solution.

In this episode, you'll learn:
- How to identify the ...

There are four key questions to ask about your data: Where is it? What data do you have? Who has access? What risks are associated with how the data is accessed? Tune in this week as Jen Stone sits down with award-winning entrepreneur, Ani Chaudhuri, to discuss data security and data risk management.

Listen to learn:

• Why automation is essential for effective data security.
• The importance of a "human-assisted" a...

Becoming a penetration tester in the world of cybersecurity can be more complex than you'd think, but don't let that spook you. Tune in this week as Jen Stone sits down with James Farnsworth (Team Lead / Senior Penetration Tester at SecurityMetrics) to discuss the various paths to becoming a penetration tester.

Listen to learn:

• The best tools to learn penetration testing skills.
• The numerous roles within the pe...

Tune into the SecurityMetrics Podcast this week as host Jen Stone interviews Tillery, Director of Training and Education at Neuvik, to learn about the cybersecurity skills gap and how to bridge it.

Listen to learn:

• How to attain an entry-level cybersecurity position.
• Why companies should focus more on employee trainings.
• The benefits of allowing employees time to learn during the workday.

Hosted by Jen Stone, Pri...

Tune in this week as Jen Stone sits down with Ryan Leirvik (founder and CEO of Neuvik) to discuss how to effectively communicate cybersecurity risk to a board of directors.

Listen to learn:

• How to frame cybersecurity risks in a way that aligns with business objectives and priorities.
• How to break down complex security concepts for executives.
• How to create a healthy relationship with executives.

Hosted by Jen Sto...

Tune in this week as Jen Stone sits down with Donna Grindle (CEO of Kardon) to learn about the Health Industry Cybersecurity Practices (HICP) framework and how the 405(d) initiative and the Health Sector Coordinating Council (HSCC) are working together to provide free cybersecurity guidance to healthcare organizations.

Listen to learn:

• How the HHS provides specific guidance for HIPAA compliance with HICUP.
• How the 405(d)...

Tune in this week as Jen Stone sits down with Candice Pressinger, an award-winning payment security leader, discussing the critical role acquirers play in the PCI ecosystem. This episode is a valuable resource for merchants seeking to understand acquirer roles in PCI compliance and gain insights into the broader payments industry.

Listen to learn:
-How acquirers aid merchants in PCI compliance.
-The importance of c...

HITRUST certification can be a significant undertaking. However, with the right guidance and support, organizations can overcome the challenges and establish a strong foundation for data security. Tune in this week as Jen Stone (MCIS, CISSP, CISA, QSA) sits down with Lee Pierce (Director of Enterprise Sales at SecurityMetrics) and Peter Briel (Founder of Privaxi, CISA, CISO, CISM, CCSFP) to discuss how organizations can better appr...

In this episode of the SecurityMetrics Podcast, Jen Stone chats with Keith O' Looney, an expert in multi-factor authentication (MFA) and PCI DSS compliance. They discuss the new requirements for MFA in PCI DSS 4.0, the challenges organizations face in implementing MFA, and how behavioral biometrics offer a unique solution. Learn how to navigate the changing landscape of cybersecurity and protect your data with robust authentic...

In this episode of the SecurityMetrics podcast, Jen Stone chats with Heidi Babi (PCI Security Assurance & Compliance Sr. Lead at Mars Corporation) about managing PCI compliance in a massive, complex organization with hundreds of data flows.
Listen to learn:

• How to break down overwhelming requirements into manageable steps and design flexible solutions for future growth.
• How to utilize compensating controls and c...

Join Jen Stone of SecurityMetrics as she sits down with two industry veterans, Gary Glover (VP of Assessments at SecurityMetrics) and Andy Barratt (VP of Assurance Business at Coalfire), for a lively discussion about their careers, the challenges of PCI compliance, and the unique collaboration they share through the PCI Security Standards Council's GEAR program.

Listen to learn:

• How this vital program that brings t...