Compliance

The five capabilities that define your organization's secure file transfer effectiveness

This webinar will examine the business risks and regulatory compliance requirements associated with file transfers.

How to simplify PCI DSS compliance with AlienVault USM

Demonstrating compliance with PCI DSS is far from a trivial exercise. Are you sure you can document your organization's compliance with the new 3.0 standards?

Nation-state attack likely, say two-thirds of Black Hat respondents

Nearly two-thirds of survey respondents believe their organization is a potential target for nation-state cyberattacks.

Government budget agency drafts contractor cybersecurity guidelines

The Office of Management and Budget (OMB) proposed new cybersecurity guidelines earlier this week to help government agencies draft contracts with third-party groups.

FTC: Morgan Stanley not at fault over released information

Morgan Stanley dodged a bullet this week when the Federal Trade Commission (FTC) ruled the firm did not violate security protocols concerning a breach earlier this year.

Getting a grip on enterprise risk

Managing compliance and risk has become one of the most torturous assignments in the enterprise, particularly for those that must adhere to the ever-increasing challenge of industry, state and federal regulations.

FAA: Software bug impacts Boeing 787 electrical power

The aviation authority instructed operators to take "interim action" to prevent loss of AC electrical power, until a software fix is available.

Forrester estimates that broad EMV chip adoption is half a decade away

EMV, despite its security features over magnetic stripe cards, cannot prevent "wholesale breaches of large numbers of credit card numbers," report authors said.

Sprint fined $15.5 million for overcharging feds for wiretaps

Sprint Communications has agreed to pay $15.5 million to the federal government for charging law enforcement agencies for surveillance upgrades.

NIST calls for final comments on draft covering sensitive information protection

NIST and NARA collaborated to produce the final draft of "Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations."

Insider threat: The emerging policy landscape & best practices

Retired Senior Executive, CIA - Insider Threat Detection, Larry Knutsen, will review the evolution of U.S. policy on insider threats and what they mean to your organization.

PCI Council updates penetration testing guidance for merchants

A recent Verizon study found that regular testing of security systems was a compliance weak point for merchants.

Federal Reserve Bank of New York creates cybersecurity team

Sarah Dahlgren, the New York Fed's head of supervision, announced that the bank had created a team dedicated to cybersecurity.

Russian hacker to be extradited to U.S. from Spain

A Russian man who was arrested in Spain on suspicion of cyber fraud reportedly will be extradited to the U.S. within the next few days.

Obama Administration sets record for withholding FOIA requests

The Obama administration has set another record for withholding government files under the U.S. Freedom of Information Act.

Verizon: PCI requirement to test security systems a compliance weak point for orgs

The percentage of companies compliant with PCI DSS Requirement 11 dropped to 33 percent last year, a Verizon report found.

Cracking the confusion between encryption and tokenization

Today there are more options for securing enterprise data than ever before. Yet with so many approaches, choosing the best fit isn't always an easy decision.

Obama criticizes Chinese cybersecurity regs

President Obama told Reuters that cybersecurity requirements proposed by China need to change if the country wants to do business with the U.S.

In historic vote, FCC approves strong net neutrality rules

The rules, approved Thursday, ban ISPs from charging for internet "fast lanes," or blocking legal internet services.

Planning for PCI compliance in the cloud

Virtualization changes everything. The agility and cost efficiencies enabled by virtualization and the cloud are beneficial, as long as you understand why virtualization requires different security.

Defense from the top: FISMA

The DHS will gain more control - and federal cybersecurity likely will be improved - when a FISMA update is passed, reports Lee Sustar.

News briefs: North Korea behind the Sony breach and a landmark HIPAA settlement

President Obama imposed sanctions against North Korea, a medical services provider will be forced to pay a "neglect" penalty over HIPAA violations, the House passed the Intelligence Authorization Act, and other security news.

FCC warns businesses: Wi-Fi blocking prohibited

In an attempt to put the issue to rest, the agency warned businesses against blocking guests' personal hotspots.

Don't dismiss internal data breaches as minor - they aren't!

The wolf isn't at your door, it's inside. Ignorance is definitely not bliss. Just ask any of the regulatory agencies.

Identity requirements for risk and compliance - what you need to know

Identity is a critical component of proving compliance. Whether complying with industry regulations or security best practices, your auditors need to know who has access to what servers and data as well as who exactly did what, where and when.

PCI compliance not synonymous with security, panel says

A panel held during the annual NRF conference discussed ways that retailers could bolster security.

After FCC fine, Marriott says it won't block guests' Wi-Fi networks

Last October, the FCC came after Marriott with a $600,000 fine.

NJ law requires health insurance carriers to encrypt sensitive data

New Jersey Governor Chris Christie signed the legislation last Friday.

HITRUST adds privacy controls to Common Security Framework

The privacy controls will be added to version 7 of HITRUST's CSF due out later this month.

Why compliance matters

Part of my role requires me to ask questions that an auditor might. This is especially true when it comes to compliance, why it matters, and how it makes a difference.
