SecurityMetrics Podcast

Author: SecurityMetrics

Description

The SecurityMetrics Podcast, hosted by Jen Stone (Principal Security Analyst, QSA, CISSP, CISA), will help you understand current data security and compliance trends. Each episode will feature a different security professional offering tips and security best practices.
106 Episodes
Learn more about cyber risks for small businesses: Are you a small-medium business owner? Did you just get a message from your bank telling you to call SecurityMetrics? Are you worried about having a bad experience? Do you know what PCI even means? This episode is for you. Learn how SecurityMetrics can help you navigate this regulatory landscape. We'll discuss: Why your processor is making you do PCI compliance: Did you know that nearly half of all cyberattacks target small businesses...
Join us on this extra long episode as SecurityMetrics experts Jen Stone, Gary Glover, Aaron Willis and Chad Horton dive deep into the evolving landscape of PCI compliance for e-commerce businesses. With the deadline for PCI 4.0 rapidly approaching, understanding the new requirements for e-commerce is crucial. In this episode, our panelists discuss: Understanding PCI 4.0 for e-commerce: Learn about the key changes and their implications for your business, especially if you're a small or medium...
Download the guide: https://www.cisecurity.org/insights/white-papers/from-both-sides-a-parental-guide-to-protecting-your-childs-online-activity Are you a parent looking for guidance on how to keep kids safe online? Join us for a candid conversation with Sean Atkinson, CISO at the Center for Internet Security, and his daughter, Emma, as they discuss their journey of creating a guide designed to help families have conversations about online safety. In this episode, you'll learn: Why open commun...
Links from the episode: https://405d.hhs.gov/ Discover the latest trends and threats in healthcare cybersecurity. This episode explores the real-world impact of cyberattacks on patient care, the vulnerabilities of medical devices, and the strategies organizations can implement to protect their sensitive data. Request a Quote for a PCI Audit ► https://www.securitymetrics.com/pci-audit Request a Quote for a Penetration Test ► https://www.securitymetrics.com/penetration-testing Get the Guide ...
Confused about PCI DSS compliance standards? This video breaks down each available SAQ type, including: SAQ-A, SAQ P2PE-HW, SAQ D for Service Providers, and the newly introduced SAQ SPoC for PCI DSS 4.0. Learn which one is right for your business based on your payment processing environment. Learn about: Different SAQ types for merchants. Eligibility criteria for each SAQ type. Factors to consider when choosing a SAQ type. Simplifying your PCI compliance. Listen now to learn what your business can do...
Join Jen Stone as she chats with DevOps engineer and Day Two DevOps podcaster Kyler Middleton about her unique journey from a rural upbringing to becoming a DevOps expert. Discover how Kyler's passion for teaching led her to a career in technology, and learn about the importance of automation and documentation in building secure and efficient cloud environments. This episode dives deep into DevOps practices, the role of Terraform, Azure vs AWS, and the challenges organizations face when adopt...
Is your penetration testing just a compliance formality? This episode of the SecurityMetrics Podcast redefines pen testing as a strategic partnership, empowering you to get the most out of your assessments. Join Jen Stone and James Farnsworth as they discuss: The critical role of scoping: Learn how to align business needs with technical assessments for a truly impactful pen test. The difference between a vulnerability scan and a penetration test. Unlocking report potential: Discover how to lever...
This episode of the SecurityMetrics Podcast is a valuable resource for MSPs who want to learn more about HIPAA compliance and how to better serve their healthcare clients. Join Jen Stone and David Sims to learn more about how Managed Service Providers (MSPs) can empower healthcare organizations to achieve HIPAA compliance. Learn about: The challenges of data discovery and data sprawl in healthcare organizations. The importance of having a documented HIPAA compliance program. The difference bet...
Struggling to automate security tasks? Feeling overwhelmed by the process? This episode of the SecurityMetrics podcast dives deep into the world of automation with guest Mollie Breen, founder and CEO of Perygee. Mollie, a recognized cybersecurity and innovation expert, dismantles the myth of automation being a complex "one size fits all" solution. In this episode, you'll learn: - How to identify the best manual processes to automate for maximum impact - Practical steps to overcome common aut...
There are four key questions to ask about your data: Where is it? What data do you have? Who has access? What risks are associated with how the data is accessed? Tune in this week as Jen Stone sits down with award-winning entrepreneur, Ani Chaudhuri, to discuss data security and data risk management. Listen to learn: Why automation is essential for effective data security. The importance of a "human-assisted" approach to data security. How Ani's company helps organizations achieve data securit...
Becoming a penetration tester in the world of cybersecurity can be more complex than you'd think, but don't let that spook you. Tune in this week as Jen Stone sits down with James Farnsworth (Team Lead / Senior Penetration Tester at SecurityMetrics) to discuss the various paths to becoming a penetration tester. Listen to learn: The best tools to learn penetration testing skills. The numerous roles within the penetration testing umbrella. Possible paths of education to start your penetration te...
Tune into the SecurityMetrics Podcast this week as host Jen Stone interviews Tillery, Director of Training and Education at Neuvik, to learn about the cybersecurity skills gap and how to bridge it. Listen to learn: How to attain an entry-level cybersecurity position. Why companies should focus more on employee trainings. The benefits of allowing employees time to learn during the workday. Hosted by Jen Stone, Principal Security Analyst (MCIS, CISSP, CISA, QSA) [Disclaimer] Before implementing...
Tune in this week as Jen Stone sits down with Ryan Leirvik (founder and CEO of Neuvik) to discuss how to effectively communicate cybersecurity risk to a board of directors. Listen to learn: How to frame cybersecurity risks in a way that aligns with business objectives and priorities. How to break down complex security concepts for executives. How to create a healthy relationship with executives. Hosted by Jen Stone, Principal Security Analyst (MCIS, CISSP, CISA, QSA) [Disclaimer] Before imple...
Tune in this week as Jen Stone sits down with Donna Grindle (CEO of Kardon) to learn about the Health Industry Cybersecurity Practices (HICP) framework and how the 405(d) initiative and the Health Sector Coordinating Council (HSCC) are working together to provide free cybersecurity guidance to healthcare organizations. Listen to learn: How the HHS provides specific guidance for HIPAA compliance with HICP. How the 405(d) program provides resources and guidance for HIPAA compliance. The upcomin...
Tune in this week as Jen Stone sits down with Candice Pressinger, an award-winning payment security leader, discussing the critical role acquirers play in the PCI ecosystem. This episode is a valuable resource for merchants seeking to understand acquirer roles in PCI compliance and gain insights into the broader payments industry. Listen to learn: - How acquirers aid merchants in PCI compliance. - The importance of collaboration within the payments industry - How PCI compliance serves as a stro...
HITRUST certification can be a significant undertaking. However, with the right guidance and support, organizations can overcome the challenges and establish a strong foundation for data security. Tune in this week as Jen Stone (MCIS, CISSP, CISA, QSA) sits down with Lee Pierce (Director of Enterprise Sales at SecurityMetrics) and Peter Briel (Founder of Privaxi, CISA, CISO, CISM, CCSFP) to discuss how organizations can better approach HITRUST compliance. Listen to learn: How HITRUST differs...
In this episode of the SecurityMetrics Podcast, Jen Stone chats with Keith O' Looney, an expert in multi-factor authentication (MFA) and PCI DSS compliance. They discuss the new requirements for MFA in PCI DSS 4.0, the challenges organizations face in implementing MFA, and how behavioral biometrics offer a unique solution. Learn how to navigate the changing landscape of cybersecurity and protect your data with robust authentication measures. Listen to learn: The new PCI DSS 4.0 requirement...
In this episode of the SecurityMetrics podcast, Jen Stone chats with Heidi Babi (PCI Security Assurance & Compliance Sr. Lead at Mars Corporation) about managing PCI compliance in a massive, complex organization with hundreds of data flows. Listen to learn: How to break down overwhelming requirements into manageable steps and design flexible solutions for future growth. How to utilize compensating controls and customized solutions to achieve robust security. How to build rapport with inte...
Join Jen Stone of SecurityMetrics as she sits down with two industry veterans, Gary Glover (VP of Assessments at SecurityMetrics) and Andy Barratt (VP of Assurance Business at Coalfire), for a lively discussion about their careers, the challenges of PCI compliance, and the unique collaboration they share through the PCI Security Standards Council's GEAR program. Listen to learn: How this vital program that brings together leading QSA companies to provide feedback and influence on PCI standar...
In this episode of the SecurityMetrics Podcast, Jeremy King (Regional VP for Europe, Middle East, and Africa at the PCI Security Standards Council) provides an overview of the recent community meeting in Dublin, Ireland, and why it is important for your business to attend the annual PCI Community Meeting. Listen to learn: How the community meeting provides a valuable opportunity to learn about the new requirements and get help with PCI implementation. How assessors are playing a critical role...
Comments (1)

M Fawls

Great episode. First time listening, actually didn't expect much based on other security podcasts I've listened to. Pleasant surprise to hear a broad but substantive discussion on a topic that has a lot of noise around it. Will be checking out more episodes.

Dec 14th