Blog Posts Tagged with "Compliance"
November 18, 2016 Added by:Tim Prendergast
In today’s complex world of cybersecurity threats that are ever-changing and ever-evolving, it’s nearly impossible to say you’re 100 percent compliant with all standards at all times.
August 17, 2016 Added by:Dean Wiech
Overall, audits can be a huge headache for organizations and their leaders, but identity and access governance technology can reduce the audit scramble while also providing many additional benefits.
August 11, 2016 Added by:Gavin Siggers
The new European General Data Protection Regulation (GDPR) will be enforced in two years, but that is a relatively short period of time for businesses to assess the new requirements, evaluate existing measures and plan a path to full compliance.
July 14, 2016 Added by:Nimmy Reichenberg
Now, more than ever then, it’s vital that organizations work to bring security and application delivery closer together.
January 13, 2016 Added by:InfosecIsland News
Chief risk officers (CRO) will need to keep close watch on a number of strategic, operational, and external risks this year. Effective risk management and mitigation will be critical, since companies' strategies, business models, operations, reputations, and, ultimately, survival are on the line.
December 01, 2015 Added by:Identropy
User provisioning platforms are at the heart of an identity management and governance infrastructure. Let’s just put it this way—if you haven’t automated your user provisioning by now to some degree, you’re doing it wrong.
February 12, 2015 Added by:InfosecIsland News
Please join Virtustream and SecurityWeek on Wednesday, Feb. 18th at 1PM ET for a live webcast on enterprise security trends.
January 26, 2015 Added by:Mav Turner
Continuous compliance involves constantly reviewing processes and quickly making any necessary updates as a result of deviations from their intended performance. However, despite the fact that continuous compliance is effective at eliminating the gaps between compliance and security, it also greatly increases the complexity of managing compliance.
June 18, 2014 Added by:Jon Long
The phrase "Continuous Compliance" is almost meaningless without an additional reference of "Assurance." I define continuous compliance and assurance as an ongoing process of proactive risk management that delivers predictable, transparent, and cost-effective results to meet information security goals.
June 05, 2014 Added by:InfosecIsland News
To prevent costly breaches such as this one from happening, Netwrix Corporation suggests the following best practices every health care organization or insurance provider should implement and maintain to ensure HIPAA compliance.
May 20, 2014 Added by:Nima Dezhkam
As a main area of our interest, PCI v3.0 enhances the Penetration Testing requirement by adding guidelines that help both the organizations and the auditors to better show and understand two important areas of concern in every PCI compliance effort.
January 29, 2014 Added by:Michael Sabo
The PCI’s 12 mandatory requirements are designed to protect cardholder data from the threat of fraud or theft. Requirement 11.3 gets to the heart of the pen test, and it was revised in PCI-DSS version 3.0.
January 27, 2014 Added by:Robb Reck
There is a natural tendency to lump security and compliance together. Intuitively it just makes sense right? The biggest compliance frameworks like PCI, GLBA, SOX and HIPAA are all looking to ensure that our security is up to snuff. In fact, if we do security right, compliance should come naturally, with very little additional technical work.
January 16, 2014 Added by:john melvin
We have no way of knowing right now what the causes of the recent Target and Neiman-Marcus data breaches are. It just raises the same questions of: does compliance with PCI standards mean that everything is secure against attacks? If an application is compliant, is that enough? It doesn’t seem to be clear whether or not a company can completely “pass the buck” to the developers and maintaine...
August 21, 2013 Added by:Rohit Sethi
Determining which system components fall under PCI compliance can often be problematic for many companies. When it comes to PCI DSS (Payment Card Industry Data Security Standards) compliance assessments, scoping tends to become a major challenge.
Hacker to Release Symantec's PCAnywhere Sour... Jerry Shaw on 10-05-2015
PoS Malware Kits Rose in Underground in 2014... on 03-17-2015
New PCI Compliance Study... on 03-17-2015