Compliance

3071bd3c5c013c8c3defcccad0259c16

Encrypting Data At Rest Or In The Cloud: Is It Value Adding?

October 16, 2013 Added by:Hani Banayoti

Consider encryption at rest but make informed decisions about its value and protection afforded.

Comments  (2)

0356a83ecb15c8e33b00560d7bebe47f

What to Expect When You're NOT Expecting: 7 Steps of a Professional Forensic Investigator

October 02, 2013 Added by:Stephen Marchewitz

A brief understanding of the process, time and overall cost of a Card Holder Data. All information contained in this article is for the purposes of awareness and education. If you have experienced a breach, contact a PFI company immediately.

Comments  (0)

Ae27d21943468124221937d59167fff8

The Ethics of Monitoring Your Employees

September 03, 2013 Added by:Edwin Covert

As the GAO report makes clear, organizations are well within their legal rights to monitor employee activity online when using organization information technology resources.

Comments  (1)

219bfe49c4e7e1a3760f307bfecb9954

What PCI Requirements Apply to Us: Tacking a Common PCI DSS Compliance Challenge

August 21, 2013 Added by:Rohit Sethi

Determining which system components fall under PCI compliance can often be problematic for many companies. When it comes to PCI DSS (Payment Card Industry Data Security Standards) compliance assessments, scoping tends to become a major challenge.

Comments  (5)

4c8a80b80e239c2dd6cd6f8760e10e5f

Protecting the Enterprise Against Growing Social Threats

July 29, 2013 Added by:Vince Schiavone

Corporations looking to proactively protect the business against growing enterprise social risks are engaging advanced, strategic solutions to unveil and track a wide array of social threats. This delivers strategic intelligence for proactive response to effectively mitigate these threats, often before they explode into all out crises.

Comments  (4)

Ee445365f5f87ac6a6017afd9411a04a

What Magneto's Helmet and Non-ICFR SSAE 16 Controls have in Common

July 04, 2013 Added by:Jon Long

Recently I have had opportunities to observe several auditors defend why they believe the controls contained in their client's SSAE 16 reports are relevant to internal controls over financial reporting (ICFR).

Comments  (0)

483d57221cc733958be20869f1c7e400

HIPAA in Public Cloud: The Rules Have Been Set

July 03, 2013 Added by:Phil Cox

On January 25, 2013, the U.S. Department of Health and Human Services (HHS) released the Omnibus Rule, which finalized all the former interim rules for Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health (HITECH) compliance.

Comments  (0)

369dec31d888693bba6b6e0f39c14ce3

Healthcare Interrupted - Top Five Vulnerabilities Hackers Can Use Right Now To Shut Down Medical Devices

June 24, 2013 Added by:Matt Neely

By performing penetration tests on hospital networks and medical devices, security researchers have found that many commonly used devices are insecure and can be easily compromised.

Comments  (0)

65c1700fde3e9a94cc060a7e3777287c

Identity & Access Management: Give Me a REST

June 19, 2013 Added by:Simon Moffatt

RESTful architectures have been the general buzz of websites for the last few years. The simplicity, scalability and statelessness of this approach to client-server communications has been adopted by many of the top social sites such as Twitter and Facebook. Why? Well, in their specific cases, developer adoption is a huge priority.

Comments  (0)

F2792196079f2c16cd02be6e9ff5b3da

Why are Cybercrimes NOT Always White-collar Crimes?

June 17, 2013 Added by:DHANANJAY ROKDE

A generic definition of a crime would be an act that is in violation of the applicable laws.

Comments  (0)

Ee445365f5f87ac6a6017afd9411a04a

Irregardless, Begs the Question, and SSAE 16 Certified

June 04, 2013 Added by:Jon Long

"Irregardless" is not a word, and is not a substitute for irrespective or regardless. "Begging the question" is a logical fallacy, not a substitute for "...which raises the question...", and there is no such thing as an "SSAE 16 certification".

Comments  (0)

6d117b57d55f63febe392e40a478011f

The Year of the Security Standard

May 09, 2013 Added by:Anthony M. Freed

Often in the security field we hear the question asked, “Who’s watching the watchers?” It occurred to me recently that one might make a similar rhetorical quip about other aspects of our field – in particular, the question of “Who’s standardizing the standards?”

Comments  (0)

Af2769c2480db78c589b811b428782b0

Bore Them With Death-by-Awareness: That’ll Teach em!

May 08, 2013 Added by:Lee Mangold

As security professionals, we have to understand that not everyone has a passion for security. In fact, most people don’t. Given that we know “they” don’t share our passion, and we know they are the most vulnerable attack vector, why do we continue to bore them with homogenous and irrelevant training?

Comments  (0)

D2b743b9ed2d7c357472fa8237d7adaf

Using Least Privilege to Effectively Meet PCI DSS Compliance

April 25, 2013 Added by:Andrew Avanessian

PCI DSS Requirement guidelines certainly reinforce how compliance has hardened from suggestive or advisory directives to true mandates with hefty fines and strict consequences for those failing to take heed.

Comments  (0)

6d117b57d55f63febe392e40a478011f

Enter the CISO: Torchbearer of Security and Risk Management

April 06, 2013 Added by:Anthony M. Freed

In a convergence culture, accountability for risk is accepted across the organization, and when that happens, risk management becomes a priority to the business, informing strategy and objectives. By helping identify and mitigate risk across finance, operations and IT, the CISO puts security in context of what could affect profit.

Comments  (0)

E595c1d49bf4a26f8e14ce59812af80e

Conducting Secure Transactions On-the-go with VPNs

March 20, 2013 Added by:Patrick Oliver Graf

The safeguarding of private customer information has become a top priority for many organizations, thanks in no small part to government regulation and industry oversight, as we move toward an increasingly digital world.

Comments  (0)

Page « < 3 - 4 - 5 - 6 - 7 > »