A-LIGN Blog

PCI DSS v3.2 and the Penetration Testing Requirements for Service Providers

Penetration-test-PCI

In April 2016, the Payment Card Industry Security Standards Council (PCI SSC) released PCI Data Security Standard (PCI DSS) version 3.2.  With the updates came clarification to requirements, additional guidance, and the additional seven new requirements.

Read More

The Gift of Giving: A-LIGN’s Annual Holiday Charity Donation Program

A-LIGN-Charity

As we kick-off 2018 strong, we reflect on the incredible year and the milestones within.

Read More

HITRUST Appoints Steve Simmons and Blaise Wabo to the HITRUST CSF Assessor Council

HITRUST-appoints-Steve-and-Blaise

The HITRUST Alliance has appointed Steve Simmons, Director of Compliance at A-LIGN, and Blaise Wabo, Senior Manager at A-LIGN, to the HITRUST CSF Assessor Council.

Read More

What to Expect in the HITRUST CSF v9.1 Release

What-to-expect-hitrust-csf

HITRUST confirmed the HITRUST CSF Version 9.1 would be scheduled to release to the assessor community this month, January 2018 for review and to provide feedback.

Read More

DFARS NIST 800-171 Compliance Deadline Quickly Approaching

The deadline for nonfederal contractors and subcontractors to meet DFARS NIST-171 compliance to maintain government contracts is December 31, 2017. Starting January 1, 2018, organizations must demonstrate compliance to win new and/or uphold existing Department of Defense (DoD) contracts. Organizations with existing contracts who fail to be compliant by 2018 may face breach of contract […]

Read More

FedRAMP Tailored: New Program for Cloud Service Providers (CSPs)

The Federal Risk and Authorization Management Program (FedRAMP), a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services, released FedRAMP Tailored on September 28, 2017. This new Baseline was designed and developed for Cloud Service Providers (CPS) with Low-Impact Software-as-a-Service (LI-SaaS) Systems, supporting emerging technology […]

Read More

The Uber Security Breach: 3 Takeaways to Secure Your Organization

uber-breach

In October 2016, Uber the global car sharing company, experienced a massive breach whereby hackers stole personal data from approximately 57 million users and drivers. After a year of concealment without regulatory notice and payment to the hackers to destroy the data, Uber finally disclosed the breach. As a result, Uber has undertaken a large […]

Read More

How Audits Enhance Your Business and Drive Revenue

Today, many businesses are presented with the opportunity for growth and development. With these new opportunities come risks and challenges, many of which they have never seen before. The digital landscape is as vast as it is complex, and businesses are seeking proactive guidance to address their information security risks, as well as meet their […]

Read More

Ask A Hacker: A-LIGN’s Penetration Testers Conduct a Reddit Q&A

ask-a-hacker

On Thursday, October 26th A-LIGN held an Ask Me Anything (AMA) Q&A forum on Reddit, to conclude National Cyber Security Awareness Month by providing further insight into the data breach landscape. Members of our penetration testing team answered questions regarding penetration testing, hacking, and information security. Below are the top five questions asked during the […]

Read More

Future of Healthcare: The Transforming Healthcare Industry [Free Download]

The healthcare environment is extremely dynamic, forcing organizations to find the right solution to match the rising challenges. Many of these solutions introduce new and emerging technologies, leaving healthcare organizations with increased vulnerabilities. Healthcare organizations of every size and type can be breached, so exploring every security solution is critical. In 2016, major cyber-attacks on […]

Read More