Since the beginning of 2018, organizations anticipated and put resources in place to understand the impact of the Internet of Things (IoTs), ransomware, blockchain, and other emerging technologies. However, 6 months into the year, have the top concerns changed? For an effective security and compliance strategy, organizations must continue to adapt to keep pace with this dynamic landscape.

Watch A-LIGN President, Gene Geiger, review the state of the forecasted trends in information security and analyze the top concerns for the second half of 2018.

Join Gene as he discusses the following topics:

  • Understanding the current landscape
  • Comparing security and compliance trends in 2017 and 2018
  • Discussing emerging trends, such as GDPR implementation, SSL removal, SOC 2 changes
  • Providing actionable steps to strengthen organization’s information security posture


As organizations continue to move to the cloud, security concerns are playing an important role in selecting a cloud service provider. Achieving compliance in the cloud can be a daunting experience, especially as it pertains to determining whose responsibility it is to address cloud computing regulations and requirements, and to ensure security.

In this webinar, A-LIGN’s Director of Cyber Risk and Privacy, Petar Besalev, will discuss the evolving cloud computing environment, outline the top cloud compliance challenges, and guide organizations through the appropriate compliance audits and requirements.

In this webinar Petar will uncover:

• The cloud computing environment, highlighting security and compliance challenges
• The compliance risks between the cloud provider and customer
• Review the advantages and disadvantages of different audit options

With the effective date of February 1, 2018, service providers must now adhere to the new PCI DSS Version 3.2 requirements.

To help prepare for these new service provider requirements, A-LIGN’s Senior Manager, Dustin Rich, will review the new PCI DSS 3.2 requirements including the segmentation testing requirements, outline how these changes might affect your organization, and provide actionable steps to ensure your PCI DSS compliance in 2018.

In this webinar, Dustin will examine industry trends, updated requirements, and best practices, as well as:

  • Review the recent changes and applicability of new requirements for Service Providers
  • Discuss the key differences between penetration testing and segmentation testing and applicable scenarios
  • Provide guidance on how to prepare for validation this coming year and meet the new requirements

As the cybersecurity landscape evolves and data breaches become more frequent, it’s imperative organizations demonstrate and maintain the security of their information. To accommodate these emerging challenges, the AICPA developed SOC for Cybersecurity, an examination designed to help organizations manage cybersecurity threats through effective processes and stringent controls to identify, respond, and recover from security breaches.

In this SOC for Cybersecurity webinar, A-LIGN’s Managing Consultant, Leigh Allen will examine industry trends citing emerging risks, outline potential pitfalls and provide steps for compliance, as well as:

  • Review the history of cybersecurity attacks
  • Analyze the consequences of noncompliance
  • Outline steps to mitigate the emerging cyber risks
  • Demonstrate controls using SOC for Cybersecurity


As Universities gear up their compliance initiatives for 2018, A-LIGN’s Senior Manager, Dustin Rich, will discuss PCI compliance for higher education, addressing the key compliance challenges and changes within institutions for 2018.

In this webinar, Dustin and Greg will examine industry trends as they apply to education institutions, citing emerging risks, new technologies and updated industry requirements that make PCI DSS compliance necessary, as well as:

  • Review the changes, deadlines, and applicability of new requirements such as SSL and multi-factor authentication
  • Discuss the key differences between SAQ’s A vs. A-EP and applicable scenarios
  • Provide best practices for annual reporting to the acquirer in the multi-mid environment

The healthcare sector is regarded as one of the fastest evolving industries in the nation. This transformative environment is pushing organizations to provide unique solutions while handling new challenges. The drivers of this constant change can be attributed to the development of new services and jobs, an increase in regulations and policies surrounding healthcare, and the growing use of technology within the medical industry. This whitepaper highlights and discusses the evolving industry as it relates to data protection, information security risks, and regulatory obligations.

Please complete the form to receive your complimentary copy


With the release of HITRUST CSF v9 expected in late August/early September, A-LIGN Managing Consultant and HITRUST CCSFP, Blaise Wabo, will discuss the latest evolution of the HITRUST CSF. This update will feature a number of changes including the expansion of the framework and the ability to comply with NIST Cybersecurity Framework with this version.

In this webinar, Blaise will address the healthcare risk environment, citing the emerging trends and technologies that make standards like HITRUST necessary, review the incorporation with guidance such as the FFIEC Information Security Examination Handbook, and observe how HITRUST can be used to support regulatory need.

In this webinar, Blaise will:

  • Address the changes in HITRUST CSF v9 and how to prepare for those changes
  • Review the standards incorporated into v9 and discuss their value for organizations
  • Analyze the anticipated changes in HITRUST CSF v9.1 and how it will affect your business

The SOC 1/SSAE 18 was released by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA) providing assurance regarding the controls at a service organization relevant to the user entities’ internal control over financial reporting. This standard superseded the SSAE 16 report on May 1, 2017. Stephanie Oyler, a Managing Consultant at A-LIGN, highlights the three main changes outlined in SSAE 18, how to prepare for a SOC 1/SSAE 18 assessment, and a list of FAQs.

Please complete the form to receive your complimentary copy

Effective November 2016, your organization could lose access to the Limited Access Death Master File (LADMF).  The LADMF contains information about deceased persons that is used by financial and credit firms, as well as government agencies, to match records and prevent identity fraud. Learn how to continue to access the LADMF with this informative guide.

Please complete the form to receive your complimentary copy

Any SSAE 16 report with an opinion dated on or after May 1, 2017, will be issued under the new SSAE 18 standard. But what does it mean for SSAE 16 engagements that your organization has previously conducted? SOC Manager, Stephanie Oyler, discusses how the upcoming change will affect your organization, address how to gain efficiencies through your audit, and observe the differences between SSAE 16 and SOC 1/SSAE 18.

Join Stephanie as she covers the following topics:

  • How to prepare for your upcoming SSAE 18 assessment
  • What are the differences between SOC 1, SSAE 16 and SSAE 18
  • How to use SSAE 18 to improve your risk posture