Resources

Fortra Guide
Guide

Insider Insights for the PCI DSS 4.0 Transition

Is your organization ready for the new PCI DSS 4.0 Standard? To help you make the journey easier and more straightforward, Fortra’s Tripwire gathered strategic implementation advice from top industry insiders.Get detailed guidance on overcoming the challenges posed by each of the PCI DSS 4.0 requirements. Hear from CISOs, cybersecurity analysts,...
Compliance
PCI DSS
Fortra Guide
Guide

Essential PCI DSS v4.0 Transition Checklist

The proliferation of online transactions isn’t the only reason the PCI Council created the new 4.0 standard. Recent years have also seen increasingly sophisticated methods among cybercriminals, a surge in cloud use, and the rise of contactless payments. This spurred the need for an updated set of PCI DSS requirements, which were released in March...
Compliance
PCI DSS
Fortra Guide
Guide

Sustaining SOX Compliance Best Practices to Mitigate Risk Automate Compliance and Reduce Costs

Achieving compliance with the Sarbanes-Oxley Act (SOX) can be a monumental effort. Maintaining those controls and audit reporting on an ongoing basis can be even more difficult. The SEC recommends automated controls for more efficient and effective compliance results.This white paper details the SOX requirements that are best addressed by automated controls using the COBIT framework in two core...
Compliance
SOX
Fortra Guide
Guide

PCI DSS Resource Toolkit

Use this toolkit to gain a deeper understanding of where you stand with regards to your PCI DSS compliance program and the transition to PCI DSS 4.0. Establishing PCI DSS compliance goes beyond technical tools and processes: It also requires a shift in thinking about compliance as a cybersecurity process. Lean on advice from compliance experts to help you make consistent progress toward your goals...
Compliance
PCI DSS
natos_cybersecurity_spending_proposals_impact_on_the_industry
Blog

NATO's Cybersecurity Spending Proposals’ Impact on the Industry

By Guest Authors on Wed, 08/20/2025
NATO has fundamentally redefined what it means to defend the alliance. At the 2025 NATO Summit in The Hague, allies made a commitment to investing 5% of Gross Domestic Product (GDP) annually on core defense requirements and defense and security-related spending by 2035. This represents a dramatic escalation from the previous 2% GDP benchmark. The commitment also includes a condition about how they...
The Rising Tide: Understanding the Surge in Cyber Attacks in India
Blog

Plagued by Cyberattacks: Indian Healthcare Sector in Critical Condition

By Katrina Thompson on Mon, 08/18/2025
A recent report states that Indian healthcare institutions face a total of 8,614 cyberattacks every week. That is more than four times the global average and over double the amount faced by any other industry in India.If the feeling was in the air before, the numbers leave no doubt; India’s healthcare sector is an irresistible target for today’s attackers.Indian Healthcare Leads the Pack in Rising...
Vulnerability & Risk Management
Cybersecurity
The Bullseye on Banks: Why Financial Services Remain a Prime Target for Cyberattacks
Blog

The Bullseye on Banks: Why Financial Services Remain a Prime Target for Cyberattacks

By Kirsten Doyle on Thu, 07/24/2025
The frontlines of cybersecurity have long included the financial services sector, but today’s battlefield is increasingly asymmetric. Threat actors aren’t just going after the big-name banks with sprawling infrastructure and billion-dollar balance sheets. They’re targeting credit unions, wealth management firms, fintech startups, and insurance providers with the same determination and ferocity...
Compliance
SOX
Shifting Gears: India's Government Calls for Financial Cybersecurity Change
Blog

Shifting Gears: India's Government Calls for Financial Cybersecurity Change

By Katrina Thompson on Thu, 06/19/2025
Escalating tensions in the Kashmiri conflict between India and Pakistan illustrate a point the Indian government has been driving home for years; it is time to double-down on securing India's critical financial services.As the cornerstone of the nation's stability, the Banking, Financial Services, and Insurance (BFSI) sector was the focus of India's first Digital Threat Report 2024, and offers a ...
Compliance
How Human Behavior Can Strengthen Healthcare Cybersecurity
Blog

How Human Behavior Can Strengthen Healthcare Cybersecurity

By Josh Breaker-Rolfe on Tue, 06/17/2025
Few sectors exemplify the enormous value of data as healthcare does. From the relatively mundane, such as digitalizing patient data for streamlined care, to the extraordinary, like the use of AI to revolutionize prostate cancer diagnosis and care, data is the lifeblood of modern healthcare and, as such, must be protected.For years, we have been told that humans and human error are the weakest link...
Expanding on ADHICS v2.0: A Closer Look at Healthcare Cybersecurity in the UAE
Blog

Expanding on ADHICS v2.0: A Closer Look at Healthcare Cybersecurity in the UAE

By Kirsten Doyle on Mon, 06/09/2025
As digital transformation sweeps across the healthcare sector, there has never been more at stake. Healthcare data is worth a lot on the black market. Unlike financial data, which has a short shelf life (accounts can be frozen, and fraud alerts issued), medical records stay fresh for a long time.They contain a host of personal information, like medical histories, insurance data, and payment...
Cybersecurity
Compliance
Proposed HIPAA Update Makes Yearly Pen Testing Mandatory
Blog

Proposed HIPAA Update Makes Yearly Pen Testing Mandatory

By Katrina Thompson on Wed, 05/28/2025
In January of this year, significant changes to the HIPAA Security Rule were proposed by the Office of Civil Rights for the Department of Health and Human Services (OCR).The proposed update to the HIPAA Security Rule, published on January 6, 2025, introduces a significant new requirement: all covered entities and business associates must conduct penetration testing of their electronic information...
Cybersecurity
Compliance
HIPAA
Health-ISAC 2025 Report: Ransomware Still Reigns as #1 Threat to Healthcare
Blog

Health-ISAC 2025 Report: Ransomware Still Reigns as #1 Threat to Healthcare

By Katrina Thompson on Thu, 05/22/2025
Health-ISAC recently released their 2025 Health Sector Cyber Threat Landscape Report, a comprehensive outline of the malicious activity aimed at healthcare in the previous year. Not surprisingly, ransomware was cited by security professionals in the industry as the number one threat of 2024 and the top area of concern coming into 2025 (followed by third-party breaches, supply chain attacks, and...
Vulnerability & Risk Management
Cybersecurity
Government Organizations Lose Nearly a Month in Downtime for Every Ransomware Attack
Blog

Government Organizations Lose Nearly a Month in Downtime for Every Ransomware Attack

By Katrina Thompson on Tue, 05/20/2025
Recent research by Comparitech reveals the shocking truth about ransomware attacks on government entities; they have a longer impact than anyone thought. Tracking over 1100 government-targeted ransomware attacks over a period of six years, researchers discovered that each day of downtime cost entities nearly $83,600, and that in each attack the downtime lasted for an average of 27.8 days.Compared...
Vulnerability & Risk Management
Cybersecurity
The Growing Threat of Ransomware-as-a-Service (RaaS) on Healthcare Infrastructure
Blog

The Growing Threat of Ransomware-as-a-Service (RaaS) on Healthcare Infrastructure

By Guest Authors on Wed, 04/30/2025
According to the 2024 State of Ransomware report by Sophos, there was a 500% increase in ransom bills in the last 12 months. Moreover, an analysis by Comparitech revealed 181 confirmed ransomware incidents targeting healthcare providers in 2024, with 25.6 million records compromised. Meanwhile, there were 42 more confirmed attacks on healthcare organizations not involved in direct care provision....
Vulnerability & Risk Management
Cybersecurity
Compliance
Security Configuration Management
New Bill Mandates Cybersecurity Overhaul for Federal Contractors
Blog

New Bill Mandates Cybersecurity Overhaul for Federal Contractors

By Josh Breaker-Rolfe on Mon, 04/28/2025
New cybersecurity legislation is coming thick and fast. And for good reason: cyber threats are becoming more sophisticated, systems are becoming more connected, and geopolitical relationships are becoming more fraught. One of the most recent bipartisan legislations – the US Federal Contractor Cybersecurity Vulnerability Reduction Act of 2025 – is designed to modernize cybersecurity standards in...
Cybersecurity
Compliance
The Cyber War on Democracy: Lessons from the 2024 RNC Email Hack
Blog

The Cyber War on Democracy: Lessons from the 2024 RNC Email Hack

By Kirsten Doyle on Tue, 04/22/2025
In July 2024, as the Republican National Committee (RNC) geared up for its national convention in Milwaukee, Chinese hackers infiltrated the RNC's email system. According to The Wall Street Journal, attackers maintained access for several months, trying to get their hands on intelligence on how the GOP planned to address Taiwan in its party platform. Microsoft alerted top party officials about...
Vulnerability & Risk Management
Cybersecurity
Security Configuration Management
Digital Hygiene in Healthcare: Where Cybersecurity Is a Matter of Life and Death
Blog

Digital Hygiene in Healthcare: Where Cybersecurity Is a Matter of Life and Death

By Kirsten Doyle on Tue, 04/22/2025
The healthcare industry is a prime target for cyberattacks due to the significant value of medical data and the critical nature of patient care. Unlike other sectors, healthcare organizations must balance cybersecurity with the need for immediate access to life-saving information. Ransomware attacks, in particular, have surged, with cybercriminals exploiting outdated systems, unpatched...
Cybersecurity
Compliance
Federal Desktop Core Configuration (FDCC/USGCB) Compliance
Blog

Federal Desktop Core Configuration (FDCC/USGCB) Compliance

By Katrina Thompson on Mon, 03/31/2025
Federal Desktop Core Configuration (FDCC) was mandated by the US Office of Management and Budget (OMB) in 2007 and provides a set of security standards that must be adhered to by all federal workstations and laptops running Windows XP or Vista.FDCC evolved into the United States Government Configuration Baseline (USGCB) starting in 2010, although some agencies and contracts may still be under...
Compliance
Security Configuration Management
CMS-ARS-A-Blueprint-for-US-Healthcare-Data-Security-and-Compliance
Blog

CMS ARS: A Blueprint for US Healthcare Data Security and Compliance

By Kirsten Doyle on Thu, 03/20/2025
Protecting sensitive patient information is more critical than ever. With technologies evolving at a breakneck pace and the number of cyber threats targeting healthcare entities in the United States skyrocketing, healthcare organizations must have robust policies and guardrails in place to ensure patients' confidential information doesn't fall into the wrong hands.One of the essential frameworks...
Compliance
HIPAA
Understanding the Abu Dhabi Healthcare Information and Cyber Security Standard
Blog

Understanding the Abu Dhabi Healthcare Information and Cyber Security Standard

By Kirsten Doyle on Wed, 03/05/2025
Abu Dhabi is boosting its healthcare system with the introduction of the Abu Dhabi Healthcare Information and Cyber Security Standard (ADHICS). This initiative, driven by the Department of Health—Abu Dhabi (DoH)—has been put in place to protect sensitive healthcare data, improve cybersecurity resilience, and keep healthcare services running smoothly.At a time when cyber threats are skyrocketing in...
Cybersecurity
Compliance