Access "GRC Tools Help Manage Regulations"
This article is part of the June 2008 issue of Five crucial virtualization do's and don'ts
We look at three GRC products and the distinct ways these tools can help organizations navigate the complicated regulatory game. A decade ago, regulated industries were the rare exception; today, the industry that isn't regulated is the exception. In fact, most firms have multiple sets of regulatory requirements they need to address. As the regulatory burden increases, businesses are finding themselves in an increasingly complex ecosystem of governance--we audit our contractors and clients to ensure their compliance to our security requirements, and the firms we service audit us. As we implement security controls related to compliance, as well as controls contractually required of us by our clients, we put into production an ever more complicated laundry list of security controls to manage. Making risk decisions in this hive of controls, regulation and contractual obligations is nigh onto impossible. IT governance, risk and compliance (GRC) tools promise to help us meet these challenges. They promise to help us make smarter risk decisions, manage our ... Access >>>
Premium Content for Free.
Virtualization server security best practices
by Thomas Ptacek
Avoid server virtualization security bad practices with these dos and don'ts. Get info on virtualization products, segmentation, implementation, avoiding malware, and staging, deploying and patching virtual machines, segmentation and implementation.
Product review: Credant Mobile Guardian 6.0
Product review: Klocwork Insight 8.0
Embedded Security Safeguards Laptops
Tech Focus: Secure From Within
Security Awareness Employee Training Essential to Infosec Program
Security awareness training initiatives such as online tutorials, newsletters, MP3s and prizes get the security message across to users.
- Virtualization server security best practices by Thomas Ptacek
Spam Blockers Losing Ground on Sophisticated Attackers
SPAM Spam hasn't been "solved"; in fact, the scourge has grown worse as attackers continually trump countermeasures and refine their focus on high-value targets.
Product review: Mu-4000 Security Analyzer
Product review: Array Networks SPX2000
Security Services: QualysGuard Security and Compliance Suite
At Your Service
GRC Tools Help Manage Regulations
GOVERNANCE, RISK AND COMPLIANCE We look at three GRC products and the distinct ways these tools can help organizations navigate the complicated regulatory game.
- Spam Blockers Losing Ground on Sophisticated Attackers
CISOs Must Innovate to Enable Business
Editor's Desk: Be an Enabler
Architect Security and Compliance Programs to Be Complementary
Perspectives: Shake On It
Address Authentication and Transaction Validation Protocols to Stem Identity Theft
Layer8: Tarnishing Good Names
Interview: Financial Services CISO David Pollino
CISO Uses Predictive Analystics to Bolster Risk Management Program
- CISOs Must Innovate to Enable Business
More Premium Content Accessible For Free
Cloud and mobility in the enterprise has caused a heightened need for organizations to take a closer look at next generation authentication ...
Virtualization and cloud computing are part and parcel of enterprise networks today. Virtualization security, however, is still a bolt-on affair ...
Mobile device security is one of the biggest nightmares InfoSec pros face in the era of bring your own everything (BYOE). Simply banning employees ...