General
Why Security Compliance Is a Continuous Process, and Not Just a Check in the Box!
November 18, 2016 Added by:Tim Prendergast
In today’s complex world of cybersecurity threats that are ever-changing and ever-evolving, it’s nearly impossible to say you’re 100 percent compliant with all standards at all times.
Comments (0)
Compliance Capabilities: Audit Achievement through Access Management
August 17, 2016 Added by:Dean Wiech
Overall, audits can be a huge headache for organizations and their leaders, but identity and access governance technology can reduce the audit scramble while also providing many additional benefits.
Comments (0)
Getting Your Records GDPR-Ready
August 11, 2016 Added by:Gavin Siggers
The new European General Data Protection Regulation (GDPR) will be enforced in two years, but that is a relatively short period of time for businesses to assess the new requirements, evaluate existing measures and plan a path to full compliance.
Comments (0)
Yes. The World Needs More Security Predictions
February 17, 2016 Added by:Dan Lohrmann
With the surging growth in cyberspace, new technologies, Wi-Fi, apps, robots, drones, terrorists with social media accounts, the Internet of Things (IoT) and nation-state hacking, online data security has become the Achilles’ heel of the Internet. A growing number of people want to know about new apps available for their smartphones and their data in the cloud – along with the upcoming securit...
Comments (0)
Five Security Threats Businesses Should Prepare for in 2016
January 28, 2016 Added by:Steve Durbin
After reviewing the current threat landscape, there are five prevalent security threats that the Information Security Forum believes businesses need to prepare for in 2016. These include, but are not limited to, the unintended consequences of state intervention, Big Data, mobile applications and the Internet of Things (IoT), cybercrime and the growing skills gap in the information security industr...
Comments (0)
What Do Star Wars and Recent Data Breaches Teach Us About Cyber Ethics?
December 21, 2015 Added by:Dan Lohrmann
Beyond cyber war and the good guys having the right tools to catch the bad guys, there can be a tendency to ignore “more mundane” acceptable use directives. That is, security staff can download copyrighted material (movies and games), view porn at work, look at information that is private (like promotions, raises or other data from management), “borrow” passwords or delete log files to cov...
Comments (0)
Managing Security Resources: It’s All About People and Awareness (Part II)
December 07, 2015 Added by:Steve Durbin
As information risks and cyber security threats increase, organizations need to move away from reacting to incidents and toward predicting and preventing them. Developing a robust mechanism to assess and treat information risk throughout the organization is a business essential.
Comments (0)
Managing Security Resources: It’s All About People and Awareness (Part I)
December 01, 2015 Added by:Steve Durbin
Organizations worldwide continue to struggle to attract and retain skilled information and cybersecurity professionals. Overcoming this challenge requires a more imaginative, business and people-centric approach to the recruitment of security professionals.
Comments (0)
Wireless Security 101
September 09, 2015 Added by:Jayson Wylie
Not everyone is technology savvy and push to get something to function verses securing it to the extent that it should be. Even though the latest wireless routers will use the more up-to-date security configurations, there are older setups that may not be adequate.
Comments (0)
Hackers and Threats: Cybercrime Syndicates Go Global
August 04, 2015 Added by:Steve Durbin
Organizations are struggling to cope with the quantum speed and sophistication of global cyber-attacks being carried out by organized cyber-criminal syndicates. Moving forward, businesses need to prepare to be targeted at any time, and any place, by multiple assailants. Organizations that wish to keep pace with these developments, and remain financially viable, need to take action now, or face the...
Comments (0)
Cloud Security: It’s in the Cloud - But Where? (Part III)
July 06, 2015 Added by:Steve Durbin
Part III in this series looks at the need to institute a cloud assessment process and the four actions that organizations of all sizes can take to better prepare themselves as they place their sensitive data in the cloud.
Comments (0)
Cloud Security: It’s in the Cloud - But Where? (Part II)
June 22, 2015 Added by:Steve Durbin
Cyber resilience has never been more important than it is today. As everything from supply chain management to customer engagement shifts to the cloud, operating in cyberspace now has bottom line implications if systems are disrupted. Cyber cloud resilience requires a balanced approach that protects both organizations and individuals while also enabling open, safe commerce and communication.
Comments (0)
Cloud Security: It’s in the Cloud - But Where? (Part I)
June 15, 2015 Added by:Steve Durbin
Organizations are becoming increasingly dependent on their use of cloud services for business benefit both internally and when working with third party suppliers across multiple jurisdictions. However, while these services can be implemented quickly and easily, organizations need to have a clearer understanding of where their information is stored and how reliable these services are.
Comments (0)
What is PHI?
June 03, 2015 Added by:Danny Lieberman
Software Associates specialize in HIPAA security and compliance for Israeli medical device companies – and 2 questions always come up: “What is PHI?” and “What is electronically protected health information?”
Comments (0)
SSL and TLS Update
May 26, 2015 Added by:PCI Guru
The answer to SSL and TLS vulnerabilities are to remediate as soon as possible. If you are unable to remediate, then you need to mitigate the risk until you can remediate.
Comments (0)
Will Your Contractors Take Down Your Business?
May 25, 2015 Added by:Rebecca Herold
Do you know how well your vendors, business associates, contracted third parties (who I will collectively call “contractors”) are protecting the information with which you’ve entrusted them to perform some sort of business activity? You need to know.
Comments (0)
- SAP Cyber Threat Intelligence Report – April 2018
- Cloud Security Alert – Log Files Are Not the Answer
- Avoiding Holes in Your AWS Buckets
- The Three Great Threats to Modern Civilization
- 2020 Vision: How to Prepare for the Future of Information Security Threats
- Why Data Loss Prevention Will Suffer the Same Fate as Anti-Virus
- Unconventional Thinking — Four Practices to Help Mitigate Risk
- The Night the Lights Went out in Georgia (Almost)
- Is Blockchain Really Disruptive in Terms of Data Security?
- Half-Baked Security Approaches: What Cybersecurity Can Learn from Legal Weed