Blog Posts Tagged with "Compliance"
September 26, 2012 Added by:Thomas Fox
Compliance violation perpetrators will often grow the fraud in magnitude, sometimes increasing the number of participants. They will rarely cease on their own accord. This fits into Sir John’s analysis of the everyman of battle: What they did and how they did it...
September 25, 2012 Added by:PCI Guru
If a third party is providing your organization a service that has access to your cardholder data environment (CDE) or the third party could come into contact you’re your cardholder data (CHD), then that third party must ensure that the service complies with all relevant PCI requirements...
September 17, 2012 Added by:Danny Lieberman
Humans being are naturally curious, sometimes vindictive and always worried when it comes to the health condition of friends and family. Being human, they will bend rules to get information and in the course of bending rules, breach patient privacy...
September 17, 2012 Added by:Thomas Fox
For the compliance practitioner sometimes the biggest challenge is not only to get senior management but the troops in the trenches to embrace compliance. Cathy Choi's story is a powerful lesson of one way to get those troops to buy into what the compliance department is selling...
September 12, 2012 Added by:Dan Dieterle
The amount of time many companies spend on patching, the problems they have deploying patches, the perception that patching causes problems, and a general lack of understanding about what it takes to patch, all combine to make patching such a major issue...
September 11, 2012 Added by:Thomas Fox
Big banks are not doing too well these days in the compliance arena. From money-laundering operations for drug cartels to trading losses, big banks seem to be more in the news these days for compliance failures rather than successes...
September 09, 2012 Added by:David Navetta
Maine has been one of the most aggressive states to pursue widespread implementation of smart utility meters for customers throughout the state, but not all utility customers have embraced smart meters despite consumers concerns over privacy issues...
September 07, 2012 Added by:Ben Kepes
CIMI is arguably more complex than a simple standard – it reflects that people want to rubber stamp a standard, but also want to deliver proprietary functionality as a point of differentiation from the competition. CIMI is a positive initiative, but the proof is in the pudding...
September 06, 2012 Added by:David Navetta
Expect an uptick in privacy enforcement by state utility regulators. Utilities across the country are advised to review their information security programs (including vendor management requirements) and breach response processes to address their regulators' concerns...
September 05, 2012 Added by:Thomas Fox
While a leader can provide some insights based on experience, and perhaps give a different view, the employee who brought up the compliance issue will probably be more intimately involved with it. The employee may have thought through a resolution to the potential issue as well...
September 05, 2012 Added by:Rafal Los
Only after many years of beating the drum that non-security professionals are waking up to the fact that security cannot be an after-thought in development. It'll take another five years before business executives are comfortable with the notion that they will be breached...
August 31, 2012 Added by:Ben Rothke
The need for effective media destruction is imperative given that digital media is the crown jewels of most organizations. From payroll, financial records, to personal information and company/trade secrets, there are terabytes of data that at the end of its lifecycle, needs to be effectively sanitized...
August 29, 2012 Added by:Danny Lieberman
As social media becomes part of the continuum of interaction in the physical and virtual worlds, privacy becomes an issue of discretionary disclosure control. Online privacy and patient privacy will evolve into a market for products and services with stratified pricing, packaging and product positioning...
August 29, 2012 Added by:Thomas Fox
The best way to effect culture “is to combine strong leadership with the existing internal elements of a healthy corporate culture... while it may take as long to create a good culture as it does to establish a good reputation, a strong set of values is usually harder to destroy unless the company is itself dismantled..."
August 27, 2012 Added by:David Navetta
The proposed modifications to the definitions of "operator" and "website or online service directed to children" address commenters’ concerns related to the use of third party advertising networks and downloadable software kits, or plug ins, that collect personal information through child-directed websites...
August 23, 2012 Added by:Thomas Fox
Unlike the insurance industry, which helps companies manage risks through financial instruments, risk management attempts to avoid or at least control risk. The next time you hear the mindless prattle of “but we’ve always done it that way”, get some ideas on how to change your company’s compliance culture...
Good Security Starts at Home... Annee e on 10-24-2014
Join the Security Intelligence Network on Li... Leo nardz on 10-23-2014
Q and A with Hacker "srblche srblchez"... chi nguyen on 10-23-2014