Blog Posts Tagged with "Regulation"


The Failure Of PCI?

June 13, 2012 Added by: PCI Guru

The biggest problem with PCI DSS standards comes down to the fact that humans are averse to being measured or assessed. Why? It makes people responsible and accountable for what they do, and few people want that sort of accountability – we all much prefer wiggle room in how our jobs are assessed...



Organization for Computer Professionals Opposes CISPA

June 12, 2012 Added by: Electronic Frontier Foundation

ACM is the world's largest organization for computer professionals. They are joining a diverse group in opposing CISPA, including a wide array of digital civil liberties organizations like EFF, computer scientists like Bruce Schneier and Tim Berners-Lee, and companies like the Mozilla Foundation...



Cybersecurity: Washington DC is a World of Grey

June 07, 2012 Added by: Joel Harding

The US State Department cannot sign many treaties in cyberspace, and we cannot establish a lot of cooperation, because there is a lack of a definition or there is no established threshold for most of what we deal with. Part of that problem is that as soon as the ink dries, most of the conditions will change...



Senator Demands Text of Secret Agreements Regulating Internet

May 30, 2012 Added by: Electronic Frontier Foundation

Senator Ron Wyden recently introduced a bill demanding access to draft texts of international trade agreements under negotiation such as the Trans-Pacific Partnership Agreement that carry provisions that could severely choke off users' rights on the Internet. This is a great positive step in the right direction...



SCADA Security: Consequences and Difficulty with Incentives

May 18, 2012 Added by: Rafal Los

Here's the problem - when it comes to critical infrastructure protection it's very difficult to legislate and regulate the organizations that matter into a state of better security. The problem is that in order to enforce policy and rules there either have to be consequences to failing, or incentives not to fail - or both...



Healthcare Data and the (Private) Social Network

May 09, 2012 Added by: Danny Lieberman

Previously, we talked about the roles that trust, security and privacy play in online healthcare interactions. In this post we look at privacy challenges in social networks and describe how you can implement a private healthcare social network without government regulation...



Legislation Would Stick Business with Cyberwar Costs

May 08, 2012 Added by: Headlines

"The legally mandated role of the government is to provide for the common defense, and they're willing to spend pretty much whatever it takes... If you're in a private organization, your legally mandated responsibility is to maximize shareholder value. You can't spend just anything..."



CISPA: The Devil is in the Details

May 07, 2012 Added by: Michelle Valdez

The problem with CISPA involves all the information added under one of the approved amendments. The vagueness about what information can be shared has caused most of the concern – especially that catch-all category of “to protect the national security of the United States”...



Cybersecurity Risks in Public Companies: An Infographic

May 07, 2012 Added by: Fergal Glynn

Following new SEC guidance issued relating to disclosure of security risks in company filings, public companies are beginning to be measured by regulators and investors on the strength of their security solution and ability to protect intellectual property and customer data...



Healthcare Data: I Trust You to Keep this Private

May 03, 2012 Added by: Danny Lieberman

In this article, Danny Lieberman talks about the roles that trust, security and privacy play in online healthcare interactions. At the end of the article, he introduces the idea of private social networking for healthcare – leaving the piece open for a sequel...



Remember Public Cellular Networks in Smart Meter Adoption

April 26, 2012 Added by: Brent Huston

ICS/SCADA owners must strive to clearly identify their needs around cellular technologies, clearly demarcate the requirements for private/segmented/public cellular network use and understand the benefits/issues and threats of what they are utilizing...



Four Steps to Follow when Your Credit Card is Compromised

April 23, 2012 Added by: Christopher Burgess

Certification of compliance demonstrates that at that given point of time the entity was in adherence to the PCI standards. The threat landscape is dynamic and ever-changing, requiring those entrusted with our data to take steps beyond compliance to protect that data...



FTC Final Report Provides Meaningful Protection Online

April 21, 2012 Added by: Electronic Frontier Foundation

Recently, the FTC released a final report on digital consumer privacy after more than 450 companies, advocacy groups and individuals commented on the December 2010 draft. The final report creates strong guidelines for protecting consumer privacy choices in the online world...



FTC Commission Report on Protecting Consumers

April 16, 2012 Added by: David Navetta

The FTC has a front and center role in data privacy and enforcement. We have written extensively about the FTC’s actions and recommendations. How is the final Framework different from the draft Framework and what should your privacy professionals be taking away from the Framework?



Data Breach Definitions, Costs and Security

April 11, 2012 Added by: Fergal Glynn

Companies that suffer a data breach lose more than just confidential information. Their reputation, productivity, and profitability can all be negatively impacted in the aftermath of even a single incident. The organization may face fines, civil or criminal prosecution...



Data Classification: Why it is Important for Information Security

April 02, 2012 Added by: Christopher Rodgers

Once you know which data needs the most protection, you can properly allocate funds and resources to defend those assets. Employing a proper data classification scheme is cost effective, as it allows a business to focus on protecting its higher risk data assets...

