Governance

The primary driver for security should be to cut risk rather than attempting to churn through an unending string of audit and compliance exercises.

Data protection laws can be more effective if simpler, says JAS Global Advisors' Jeff Schmidt.

Check Point Software Technologies bolstered its portfolio Monday with the acquisition of privately held Dynasec, a 7-year-old, Israel-based provider of governance, risk management and compliance solutions.

Two sides weigh in on whether the federal government should become involved in the distribution of certifications for security professionals.

IBM on Wednesday announced that it has agreed to acquire Waltham, Mass.-based risk and compliance management software provider OpenPages for an undisclosed sum. In a news release, IBM said the acquisition will expand its ability to help businesses address risk management and compliance challenges. OpenPages, which will be integrated within IBM's Business Analytics software portfolio, offers solutions to assist organizations with internal audits, vendor risk management and IT risk and compliance management. The company has more than 200 clients, including Barclays, Duke Energy and Carnival Corp. — AM

Board members and senior management are exercising less IT security governance, and the economic downturn may be to blame, according to a survey released by Carnegie Mellon University.