Resources

Fortra Guide
Guide

Insider Insights for the PCI DSS 4.0 Transition

Is your organization ready for the new PCI DSS 4.0 Standard? To help you make the journey easier and more straightforward, Fortra’s Tripwire gathered strategic implementation advice from top industry insiders.Get detailed guidance on overcoming the challenges posed by each of the PCI DSS 4.0 requirements. Hear from CISOs, cybersecurity analysts,...
Compliance
PCI DSS
Fortra Guide
Guide

Essential PCI DSS v4.0 Transition Checklist

The proliferation of online transactions isn’t the only reason the PCI Council created the new 4.0 standard. Recent years have also seen increasingly sophisticated methods among cybercriminals, a surge in cloud use, and the rise of contactless payments. This spurred the need for an updated set of PCI DSS requirements, which were released in March...
Compliance
PCI DSS
Fortra Guide
Guide

Sustaining SOX Compliance Best Practices to Mitigate Risk Automate Compliance and Reduce Costs

Achieving compliance with the Sarbanes-Oxley Act (SOX) can be a monumental effort. Maintaining those controls and audit reporting on an ongoing basis can be even more difficult. The SEC recommends automated controls for more efficient and effective compliance results.This white paper details the SOX requirements that are best addressed by automated controls using the COBIT framework in two core...
Compliance
SOX
Fortra Guide
Guide

PCI DSS Resource Toolkit

Use this toolkit to gain a deeper understanding of where you stand with regards to your PCI DSS compliance program and the transition to PCI DSS 4.0. Establishing PCI DSS compliance goes beyond technical tools and processes: It also requires a shift in thinking about compliance as a cybersecurity process. Lean on advice from compliance experts to help you make consistent progress toward your goals...
Compliance
PCI DSS
The Bullseye on Banks: Why Financial Services Remain a Prime Target for Cyberattacks
Blog

The Bullseye on Banks: Why Financial Services Remain a Prime Target for Cyberattacks

By Kirsten Doyle on Thu, 07/24/2025
The frontlines of cybersecurity have long included the financial services sector, but today’s battlefield is increasingly asymmetric. Threat actors aren’t just going after the big-name banks with sprawling infrastructure and billion-dollar balance sheets. They’re targeting credit unions, wealth management firms, fintech startups, and insurance providers with the same determination and ferocity...
Compliance
SOX
Shifting Gears: India's Government Calls for Financial Cybersecurity Change
Blog

Shifting Gears: India's Government Calls for Financial Cybersecurity Change

By Katrina Thompson on Thu, 06/19/2025
Escalating tensions in the Kashmiri conflict between India and Pakistan illustrate a point the Indian government has been driving home for years; it is time to double-down on securing India's critical financial services.As the cornerstone of the nation's stability, the Banking, Financial Services, and Insurance (BFSI) sector was the focus of India's first Digital Threat Report 2024, and offers a ...
Compliance
Expanding on ADHICS v2.0: A Closer Look at Healthcare Cybersecurity in the UAE
Blog

Expanding on ADHICS v2.0: A Closer Look at Healthcare Cybersecurity in the UAE

By Kirsten Doyle on Mon, 06/09/2025
As digital transformation sweeps across the healthcare sector, there has never been more at stake. Healthcare data is worth a lot on the black market. Unlike financial data, which has a short shelf life (accounts can be frozen, and fraud alerts issued), medical records stay fresh for a long time.They contain a host of personal information, like medical histories, insurance data, and payment...
Cybersecurity
Compliance
Proposed HIPAA Update Makes Yearly Pen Testing Mandatory
Blog

Proposed HIPAA Update Makes Yearly Pen Testing Mandatory

By Katrina Thompson on Wed, 05/28/2025
In January of this year, significant changes to the HIPAA Security Rule were proposed by the Office of Civil Rights for the Department of Health and Human Services (OCR).The proposed update to the HIPAA Security Rule, published on January 6, 2025, introduces a significant new requirement: all covered entities and business associates must conduct penetration testing of their electronic information...
Cybersecurity
Compliance
HIPAA
The Growing Threat of Ransomware-as-a-Service (RaaS) on Healthcare Infrastructure
Blog

The Growing Threat of Ransomware-as-a-Service (RaaS) on Healthcare Infrastructure

By Guest Authors on Wed, 04/30/2025
According to the 2024 State of Ransomware report by Sophos, there was a 500% increase in ransom bills in the last 12 months. Moreover, an analysis by Comparitech revealed 181 confirmed ransomware incidents targeting healthcare providers in 2024, with 25.6 million records compromised. Meanwhile, there were 42 more confirmed attacks on healthcare organizations not involved in direct care provision....
Vulnerability & Risk Management
Cybersecurity
Compliance
Security Configuration Management
Digital Hygiene in Healthcare: Where Cybersecurity Is a Matter of Life and Death
Blog

Digital Hygiene in Healthcare: Where Cybersecurity Is a Matter of Life and Death

By Kirsten Doyle on Tue, 04/22/2025
The healthcare industry is a prime target for cyberattacks due to the significant value of medical data and the critical nature of patient care. Unlike other sectors, healthcare organizations must balance cybersecurity with the need for immediate access to life-saving information. Ransomware attacks, in particular, have surged, with cybercriminals exploiting outdated systems, unpatched...
Cybersecurity
Compliance
CMS-ARS-A-Blueprint-for-US-Healthcare-Data-Security-and-Compliance
Blog

CMS ARS: A Blueprint for US Healthcare Data Security and Compliance

By Kirsten Doyle on Thu, 03/20/2025
Protecting sensitive patient information is more critical than ever. With technologies evolving at a breakneck pace and the number of cyber threats targeting healthcare entities in the United States skyrocketing, healthcare organizations must have robust policies and guardrails in place to ensure patients' confidential information doesn't fall into the wrong hands.One of the essential frameworks...
Compliance
HIPAA
Understanding the Abu Dhabi Healthcare Information and Cyber Security Standard
Blog

Understanding the Abu Dhabi Healthcare Information and Cyber Security Standard

By Kirsten Doyle on Wed, 03/05/2025
Abu Dhabi is boosting its healthcare system with the introduction of the Abu Dhabi Healthcare Information and Cyber Security Standard (ADHICS). This initiative, driven by the Department of Health—Abu Dhabi (DoH)—has been put in place to protect sensitive healthcare data, improve cybersecurity resilience, and keep healthcare services running smoothly.At a time when cyber threats are skyrocketing in...
Cybersecurity
Compliance
On-Demand Webinar

PCI 4.0 is Here: Your Guide to Navigating Compliance Success

Mon, 06/03/2024
The transition period from PCI DSS 3.2.1 to 4.0 ended on March 31, 2024, a date toward which many organizations have dedicated countless hours of preparation. Looking back on that time, do you know where your compliance efforts stand now? Watch PCI experts Steven Sletten and Jeff Hall in this on-demand webinar PCI 4.0 is Here: Your Guide to Navigating Compliance Success to learn how to...
Compliance
PCI DSS
Tips for Ensuring HIPAA Compliance
Blog

Tips for Ensuring HIPAA Compliance

By Guest Authors on Wed, 01/17/2024
Like every other industry, the healthcare sector is barely recognizable when compared to its state 20 years ago. It, too, has been transfigured by technology. While this has brought many impactful benefits, it has also introduced at least one major challenge: keeping sensitive patient information private. At the heart of this privacy challenge...
Compliance
HIPAA
Why Therapists need Data Protection and Cybersecurity
Blog

Why Therapists need Data Protection and Cybersecurity

By Gary Hibberd on Tue, 01/16/2024
Cybersecurity in Mental Healthcare - The Overlooked Risk Did you know the New-Age Therapeutic sector is unregulated? If that surprises you, then you’re not alone. I was a little surprised, too. Yes, there are various professional bodies a practitioner can join, and there are courses they can attend, but they aren’t forced to. It should be noted...
Cybersecurity
Compliance
HIPAA
Quick Look at the New CISA Healthcare Mitigation Guide
Blog

Quick Look at the New CISA Healthcare Mitigation Guide

By Katrina Thompson on Tue, 12/05/2023
It’s the small vines, not the large branches, that trip us up in the forest. Apparently, it’s no different in Healthcare. In November, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a Mitigation Guide aimed at the Healthcare and Public Health (HPH) sector. In the midst of current hybrid cloud security challenges, hyper...
Cybersecurity
Compliance
Egypt Financial Cybersecurity Framework Datasheet
Datasheet

The Egypt Financial Cybersecurity Framework

Key Areas of the FrameworkCentral Bank of Egypt (CBE) identified key areas of focus to tailor a cybersecurity framework to the unique requirements of the Egyptian financial sector. This framework will serve as the foundational guidance for cybersecurity capability development within this critical sector. This is the kick-off of a larger-scale effort by the CBE to build a robust and sustainable...
Compliance
Guide

How Finance Companies Bank on Tripwire ExpertOps

Finance companies opt for managed services to stay compliant, bolster overburdened security teams, and get ongoing support in keeping their data safe from damaging breaches. The finance sector regularly finds itself on the front lines of emerging attack techniques; attackers commonly search for edge vulnerabilities and test new malware variations against financial systems. However, most breaches...
Compliance
PCI DSS
SOX
Datasheet

Tripwire and HITRUST

The HITRUST CSF rationalizes relevant regulations and standards (such as NIST, CIS, and HIPAA) into a single overarching security and privacy framework. Now, with Tripwire® Enterprise, organizations can automate HITRUST CSF assessment and reduce the burden of compliance. Any organization that collects or stores personally identifiable information (PII) faces a relentless stream of cyberattacks....
Compliance
Datasheet

Maintaining the Security and Integrity of Electronic Health Record Systems

The value of electronic health record (EHR) systems is immense. These digital records are designed to be available anytime and anywhere, connecting healthcare providers with patient data. EHRs are a central repository of patient medical histories, medications, diagnoses, immunization dates, allergies, lab results and radiology images. With access to this accurate patient information, providers can...
Compliance
HIPAA
NIST