February 05, 2014 Added by: Thomas Fox
In honor of The Movie Channel’s annual 28 days of Oscar, the upcoming Academy Awards and inspired by Jay Rosen’s prior career and the FCPA Professor’s hypothetical discussion between a Chief Compliance Officer (CCO) and his Chief Executive Officer (CEO) last week... I thought I might write about 'Compliance Defense - The Movie.'
February 04, 2014 Added by: David Navetta
While the outcome of this lawsuit is uncertain, breach notification practitioners and companies that handle California personal information should keep an eye on this case and any rulings that come out of it.
February 04, 2014 Added by: Joe Weiss
This risk is certainly more probable than once in a million years which is the minimum criteria for the safety analysis to address specific threats.
January 27, 2014 Added by: Robb Reck
There is a natural tendency to lump security and compliance together. Intuitively it just makes sense, right? The biggest compliance frameworks like PCI, GLBA, SOX and HIPAA are all looking to ensure that our security is up to snuff. In fact, if we do security right, compliance should come naturally, with very little additional technical work.
January 21, 2014 Added by: Anthony M. Freed
The House of Representatives Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies has passed a bill to bolster provisions to protect the nation’s critical infrastructure, moving it one step closer to full consideration.
January 21, 2014 Added by: Thomas Fox
Compliance leadership can take many forms and inspiration can come from many different sources.
January 16, 2014 Added by: john melvin
We have no way of knowing right now what the causes of the recent Target and Neiman-Marcus data breaches are. It just raises the same questions of: does compliance with PCI standards mean that everything is secure against attacks? If an application is compliant, is that enough? It doesn’t seem to be clear whether or not a company can completely “pass the buck” to the developers and maintaine...
November 12, 2013 Added by: Jason Clark
Security Advisor Alliance is a nonprofit group of top security leaders from the Global 1000 who have come together to donate time each week to help our peers in any area of security as a pro-bono service.
October 02, 2013 Added by: Stephen Marchewitz
A brief understanding of the process, time and overall cost of a Card Holder Data. All information contained in this article is for the purposes of awareness and education. If you have experienced a breach, contact a PFI company immediately.
August 21, 2013 Added by: Rohit Sethi
Determining which system components fall under PCI compliance can often be problematic for many companies. When it comes to PCI DSS (Payment Card Industry Data Security Standards) compliance assessments, scoping tends to become a major challenge.
July 04, 2013 Added by: Jon Long
Recently I have had opportunities to observe several auditors defend why they believe the controls contained in their client's SSAE 16 reports are relevant to internal controls over financial reporting (ICFR).
June 19, 2013 Added by: Simon Moffatt
RESTful architectures have been the general buzz of websites for the last few years. The simplicity, scalability and statelessness of this approach to client-server communications has been adopted by many of the top social sites such as Twitter and Facebook. Why? Well, in their specific cases, developer adoption is a huge priority.
June 04, 2013 Added by: Jon Long
"Irregardless" is not a word, and is not a substitute for irrespective or regardless. "Begging the question" is a logical fallacy, not a substitute for "...which raises the question...", and there is no such thing as an "SSAE 16 certification".