ControlCase Newsletter January 2016
ControlCase Validates HCD International against HITRUST Common Security Framework (CSF)
As more and more organizations are required to obtain CSF certification, ControlCase provides a comprehensive solution for assessing risk within the healthcare industry.
ControlCase, a leading global provider of Compliance as a Service (CaaS), Certifications, and IT Governance, Risk and Compliance (GRC) software, announced it has validated the award-winning healthcare management and technology consulting firm HCD International (HCDI) against HITRUST CSF using its renowned “Compliance as a Service” (CaaS) solution. ControlCase’s CaaS is recognized as one of the most effective solutions on the market for organizations wishing to achieve HITRUST CSF certification as well as manage overall third-party risk within the healthcare industry.
Product and Services Update
ControlCase collaborates with Industry Experts to Educate Organizations on Achieving Compliance through Security
A key highlight was an open discussion with PCI SSC and MasterCard on how organizations can gain more value by focusing on overall security rather than on just achieving compliance.
ControlCase CEO Speaks on Cloud Security at MasterCard Global Risk Leadership Conference
In this pre-session in Berlin, Kishor Vaswani, CEO of ControlCase, spoke on the topic of PCI Compliance and cloud security.
ControlCase Certifies Mall Resources Solutions for Level 1 PCI DSS Compliance
Mall Resources Solutions, a new online shopping center, is the latest company to be certified using ControlCase’s comprehensive “Compliance as a Service” (CaaS) solution.
PCI DSS and PA DSS
In this 45-minute webinar, ControlCase will discuss the following in the context of PCI DSS and PA DSS:
- Network Segmentation
- Card Data Discovery
- Vulnerability Scanning and Penetration Testing
- Card Data Storage in Memory
Washington DC, USA Time:
Thursday, February 11th, 2016
11:00 AM – 11:45 AM EDT (EST)
PCI SECURITY STANDARDS COUNCIL REVISES DATE FOR MIGRATING OFF VULNERABLE SSL AND EARLY TLS ENCRYPTION
The original deadline date for migration, June 2016, was included in the most recent version of the PCI Data Security Standard, version 3.1 (PCI DSS 3.1), which was published in April of 2015. The new deadline date, June 2018, will be included in the next version of the PCI Data Security Standard, which is expected in 2016.
PAYMENT CARD INDUSTRY ISSUES NEW GUIDANCE TO HELP ORGANIZATIONS RESPOND TO DATA BREACHES
A data breach now costs organizations an average total of $3.8 million. However, research shows that having an incident response team in place can create significant savings. Developed in collaboration with the Payment Card Industry (PCI) Forensic Investigators (PFI) community, “Responding to a Data Breach: A How-to Guide for Incident Management” provides merchants and service providers with key recommendations for being prepared to react quickly if a breach is suspected.
PAYMENT CARD INDUSTRY COUNCIL ADVANCES POINT-TO-POINT ENCRYPTION STANDARD
The Payment Card Industry Security Standards Council (PCI SSC) published an important update to one of its eight security standards, simplifying the development and use of Point-to-Point Encryption (P2PE) solutions that make payment card data unreadable and less valuable to criminals if stolen in a breach.
“Quality means doing it right when no one else is looking”