Blog Posts Tagged with "Compliance"
4 Things that Make Cloud Compliance Harder Than You Think
April 06, 2017 Added by:John Martinez
There are some factors to take into consideration that may make compliance in the cloud a bit more challenging
Comments (0)
GRC: Going Beyond the Acronym
March 10, 2017 Added by:Corey Wilburn
An effective GRC disciple requires a company-wide buy-in. The easier you make it for your colleagues, the easier you make it for yourself.
Comments (0)
Why Security Compliance Is a Continuous Process, and Not Just a Check in the Box!
November 18, 2016 Added by:Tim Prendergast
In today’s complex world of cybersecurity threats that are ever-changing and ever-evolving, it’s nearly impossible to say you’re 100 percent compliant with all standards at all times.
Comments (0)
Compliance Capabilities: Audit Achievement through Access Management
August 17, 2016 Added by:Dean Wiech
Overall, audits can be a huge headache for organizations and their leaders, but identity and access governance technology can reduce the audit scramble while also providing many additional benefits.
Comments (0)
Getting Your Records GDPR-Ready
August 11, 2016 Added by:Gavin Siggers
The new European General Data Protection Regulation (GDPR) will be enforced in two years, but that is a relatively short period of time for businesses to assess the new requirements, evaluate existing measures and plan a path to full compliance.
Comments (0)
Security Is from Mars, Application Delivery Is from Venus
July 14, 2016 Added by:Nimmy Reichenberg
Now, more than ever then, it’s vital that organizations work to bring security and application delivery closer together.
Comments (0)
Key Risk Management Issues For 2016
January 13, 2016 Added by:InfosecIsland News
Chief risk officers (CRO) will need to keep close watch on a number of strategic, operational, and external risks this year. Effective risk management and mitigation will be critical, since companies' strategies, business models, operations, reputations, and, ultimately, survival are on the line.
Comments (0)
Why Creating Automated User Provisioning Workflows is Important
December 01, 2015 Added by:Identropy
User provisioning platforms are at the heart of an identity management and governance infrastructure. Let’s just put it this way—if you haven’t automated your user provisioning by now to some degree, you’re doing it wrong.
Comments (0)
Webcast: Enterprise Security Trends To Watch For In 2015
February 12, 2015 Added by:InfosecIsland News
Please join Virtustream and SecurityWeek on Wednesday, Feb. 18th at 1PM ET for a live webcast on enterprise security trends.
Comments (4)
Three Compliance Trends to Watch in 2015
January 26, 2015 Added by:Mav Turner
Continuous compliance involves constantly reviewing processes and quickly making any necessary updates as a result of deviations from their intended performance. However, despite the fact that continuous compliance is effective at eliminating the gaps between compliance and security, it also greatly increases the complexity of managing compliance.
Comments (2)
What is Continuous Compliance and Assurance?
June 18, 2014 Added by:Jon Long
The phrase "Continuous Compliance" is almost meaningless without an additional reference of "Assurance." I define continuous compliance and assurance as an ongoing process of proactive risk management that delivers predictable, transparent, and cost-effective results to meet information security goals.
Comments (0)
Five Ways to Avoid HIPAA Compliance Breaches With Better Security Controls
June 05, 2014 Added by:InfosecIsland News
To prevent costly breaches such as this one from happening, Netwrix Corporation suggests the following best practices every health care organization or insurance provider should implement and maintain to ensure HIPAA compliance.
Comments (0)
What’s New in PCI DSS v3.0 for Penetration Testing?
May 20, 2014 Added by:Nima Dezhkam
As a main area of our interest, PCI v3.0 enhances the Penetration Testing requirement by adding guidelines that help both the organizations and the auditors to better show and understand two important areas of concern in every PCI compliance effort.
Comments (0)
There's a New Sheriff in Town – PCI DSS Lays Down the Law to Improve Pen Testing Requirements
January 29, 2014 Added by:Michael Sabo
The PCI’s 12 mandatory requirements are designed to protect cardholder data from the threat of fraud or theft. Requirement 11.3 gets to the heart of the pen test, and it was revised in PCI-DSS version 3.0.
Comments (0)
The Perils of Combining Security and Compliance
January 27, 2014 Added by:Robb Reck
There is a natural tendency to lump security and compliance together. Intuitively it just makes sense right? The biggest compliance frameworks like PCI, GLBA, SOX and HIPAA are all looking to ensure that our security is up to snuff. In fact, if we do security right, compliance should come naturally, with very little additional technical work.
Comments (0)
Target and Neiman Marcus Breaches Renew Issues Regarding PCI Lawsuits
January 16, 2014 Added by:john melvin
We have no way of knowing right now what the causes of the recent Target and Neiman-Marcus data breaches are. It just raises the same questions of: does compliance with PCI standards mean that everything is secure against attacks? If an application is compliant, is that enough? It doesn’t seem to be clear whether or not a company can completely “pass the buck” to the developers and maintaine...
Comments (0)
- The Upcoming Oracle CPU: Struggling to Keep Pace with Vulnerabilities
- Malware Prevention Key to Countering Evasive Attack Techniques
- Don’t get lost in translation when managing mixed firewall estates
- Make Sure We're Using the Same Language
- WannaCry: How We Created an Ideal Environment for Malware to Thrive, and How to Fix It
- Ztorg Trojan-SMS Infects Google Play Apps
- SAP Cyber Threat Intelligence Report – June 2017
- Webinar: Top 5 Myths of ICS Cybersecurity - Debunked!
- You Can't Hire Your Way Out Of The Skills Shortage... Period.
- Social Security Administration’s Second Attempt at 2FA Fails Federal Government’s Own Standards, Not Secure