July 29, 2013 Added by:Vince Schiavone
Corporations looking to proactively protect the business against growing enterprise social risks are engaging advanced, strategic solutions to unveil and track a wide array of social threats. This delivers strategic intelligence for proactive response to effectively mitigate these threats, often before they explode into all out crises.
July 04, 2013 Added by:Jon Long
Recently I have had opportunities to observe several auditors defend why they believe the controls contained in their client's SSAE 16 reports are relevant to internal controls over financial reporting (ICFR).
July 03, 2013 Added by:Phil Cox
On January 25, 2013, the U.S. Department of Health and Human Services (HHS) released the Omnibus Rule, which finalized all the former interim rules for Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health (HITECH) compliance.
Healthcare Interrupted - Top Five Vulnerabilities Hackers Can Use Right Now To Shut Down Medical Devices
June 24, 2013 Added by:Matt Neely
By performing penetration tests on hospital networks and medical devices, security researchers have found that many commonly used devices are insecure and can be easily compromised.
June 19, 2013 Added by:Simon Moffatt
RESTful architectures have been the general buzz of websites for the last few years. The simplicity, scalability and statelessness of this approach to client-server communications has been adopted by many of the top social sites such as Twitter and Facebook. Why? Well, in their specific cases, developer adoption is a huge priority.
June 17, 2013 Added by:DHANANJAY ROKDE
A generic definition of a crime would be an act that is in violation of the applicable laws.
June 04, 2013 Added by:Jon Long
"Irregardless" is not a word, and is not a substitute for irrespective or regardless. "Begging the question" is a logical fallacy, not a substitute for "...which raises the question...", and there is no such thing as an "SSAE 16 certification".
May 09, 2013 Added by:Anthony M. Freed
Often in the security field we hear the question asked, “Who’s watching the watchers?” It occurred to me recently that one might make a similar rhetorical quip about other aspects of our field – in particular, the question of “Who’s standardizing the standards?”
May 08, 2013 Added by:Lee Mangold
As security professionals, we have to understand that not everyone has a passion for security. In fact, most people don’t. Given that we know “they” don’t share our passion, and we know they are the most vulnerable attack vector, why do we continue to bore them with homogenous and irrelevant training?
April 25, 2013 Added by:Andrew Avanessian
PCI DSS Requirement guidelines certainly reinforce how compliance has hardened from suggestive or advisory directives to true mandates with hefty fines and strict consequences for those failing to take heed.
April 06, 2013 Added by:Anthony M. Freed
In a convergence culture, accountability for risk is accepted across the organization, and when that happens, risk management becomes a priority to the business, informing strategy and objectives. By helping identify and mitigate risk across finance, operations and IT, the CISO puts security in context of what could affect profit.
March 20, 2013 Added by:Patrick Oliver Graf
The safeguarding of private customer information has become a top priority for many organizations, thanks in no small part to government regulation and industry oversight, as we move toward an increasingly digital world.
March 09, 2013 Added by:Rohit Sethi
If you process, transmit or store credit card data in your software then you’re likely subject to the Payment Card Industry Data Security Standard (PCI DSS). One of the most onerous sections of the PCI DSS is requirement 6: Develop and maintain secure systems and applications.
March 08, 2013 Added by:Rohit Sethi
The HTC settlement is not based on high-profile breaches. Instead, it points out: “HTC America failed to employ reasonable and appropriate security practices in the design and customization of the software on its mobile devices”.
February 01, 2013 Added by:Danny Lieberman
In our previous post on patient privacy, we noted that patient data loss is a lot like planes disappearing in the Bermuda Triangle – no one really knows where the planes disappeared to, since the people on the planes never return to tell the story...
January 29, 2013 Added by:Rebecca Herold
Marketing organizations salivate at the prospects of doing advanced analysis with such data to discover new trends and marketing possibilities. The government wants to use it for investigations. Historians want to use it for, yes, marking historical events. And the list could go on...
No Quick Fixes for Home Depot After Record C... Kimberly McNeeley on 09-23-2014
Interoperability: A Much Needed Cloud Comput... Samantha Elizabethus on 09-23-2014
3 Things To Consider When Revisiting Your Ba... james russa on 09-22-2014