The Coalfire Blog

Welcome to the Coalfire Blog, a resource covering the most important issues in IT security and compliance. You'll also find information on Coalfire's insights into the unique cybersecurity issues that impact the industries we serve, including Cloud Service Providers, RetailFinancial Services, Healthcare, Higher Education, Payments, Government, Restaurants, and Utilities.

The Coalfire blog is written by the company's leadership team and our highly-credentialed security assessment experts. We look forward to your comments, so please join the conversation.


  • What to Expect in the PCI 3.2 Update

    April 04, 2016, Shawn Shifflett, CISSP, QSA, Senior Practice Director, PCI

    A preview of new requirements and guidance expected later this month from the Payment Card Industry Security Standards Council was announced Thursday. The PCI DSS 3.2 version represents the first update to the standard that the Council has released since 3.1 in April 2015 and 3.0 in November of 2013.

  • What You Need to Know From the Cybersecurity Act of 2015: Part One

    January 19, 2016, Rick Link, Managing Director

    On Dec. 18, 2015, President Obama signed into law an omnibus spending bill that included the Cybersecurity Act of 2015 (“The Act”). The Act was a compromise of cybersecurity information sharing bills that passed the House and Senate earlier in 2015. It creates a voluntary process for sharing cybersecurity information and is intended to encourage public- and private-sector entities to share cyber-threat information. The Act is controversial, as the active sharing of information between and among the Federal Government and private sector entities does not currently occur routinely or effectively.

  • PCI Council Gives Merchants Reprieve on PCI 3.1 Updates

    January 07, 2016, Shawn Shifflett, CISSP, QSA, Senior Practice Director, PCI

    The Payment Card Industry Security Standards Council (PCI SSC) released an update to its vulnerability standards and is giving merchants until June 2018 to migrate their security protocols, even though waiting is not recommended.

  • 2016 Cybersecurity Predictions

    December 10, 2015, Larry Jones, CEO

    The lessons learned from this past year teach us that no one is immune to cyber threats. The sooner corporate boards and executives come to understand that cybersecurity breaches are a very real and pervasive threat; then the hard work can begin to take preemptive measures and prepare an appropriate response and recovery strategy.

  • Highlights from the HITRUST Health Industry Third Party Assurance Summit

    November 19, 2015, Andrew Hicks, Healthcare and Life Sciences Practice Director

    On June 29, 2015, the Health Information Trust Alliance (HITRUST) announced that several massive payer organizations, including Anthem, Health Care Services Corp., Highmark, Humana, and UnitedHealth Group will require their business associates to obtain CSF certification.  While this is old news, HITRUST assembled more than 350 business-associate attendees at the “Health Industry Third Party Assurance Summit: Driving Efficiencies and Compliance through the HITRUST Assurance Program” last Friday as a way for business associates to (1) better understand the reasons for the mandate, (2) understand the journey to CSF certification, (3) interact with CSF Assessor organizations (such as Coalfire), and (4) learn about current initiatives underway at HITRUST.

  • Displaying results 1-5 (of 193)
     |<  < 1 - 2 - 3 - 4 - 5 - 6 - 7 - 8 - 9 - 10  >  >| 

Recent Posts

Post Topics

Archives

Tags

Follow us to get the latest updates.