Security Management Strategies for the CIO
Email Alerts
-
Q&A: Forrester's Chenxi Wang discusses cloud compliance
Forrester's Chenxi Wang discusses cloud compliance and the issues involved with maintaining compliance with PCI, SOX and HIPAA and using cloud-based services. Video
-
How to evolve your compliance program as technologies and mandates change
This video describes how organizations can effectively interpret particular requirements from regulations such as HIPAA and PCI and implications these interpretations have on compliance activities, administration, and auditors. Video
-
Black Hat: Targeted network security attacks beating forensics efforts
Targeted, persistent attacks are supported by a great deal of automation and new functionality that is having little difficulty bypassing traditional security defenses and forensic investigations, two researchers revealed at the Black Hat Briefings. Article
-
Raising the bar on compliance success
By now, most enterprises have established baselines for reporting on foundational IT controls. They've also leveraged control frameworks and resident technologies to assist in logging, auditing and reporting. The next milestone is to "raise the bar" ... Video
-
Ease credit card risks: POS encryption and data tokenization for PCI
Data tokenization and transaction encryption technologies for PCI DSS, though still mostly new and untested, are already in hot demand. In this tip, John Kindervag of Forrester Research explains what to consider before using tokenization and transact... Tip
-
Privacy laws in the workplace: Creating employee privacy policies
Are your employees aware of their workplace privacy rights? More specifically, are they aware of what privacy rights they don't retain? Learn how to create effective employee privacy policies in this expert response. Ask the Expert
-
Risk-based audit methodology: How to achieve enterprise security
Discover how using a risk-based audit methodology can achieve better enterprise security. Learn how to develop an internal IT audit program, implement risk mitigation methods and develop controls and ensure they are effective. Learning Guide
-
Updated Cybersecurity Act reshapes federal compliance, education
The proposed law now lacks an Internet kill-switch provision, clarifies certification and expands public-private cooperation on federal cybersecurity compliance. News
-
Data Accountability and Trust Act
Attorney David Navetta discusses the proposed DATA law, including the similarities and differences with existing state data privacy laws. Video
-
Mass 201 CMR 17: Basics for security practitioners
Massachusetts data protection law 201 CMR 17 went into effect on March 1, 2010. Get an in-depth look at the requirements of this law, and find out what needs to be done to become compliant with the law. Learning Guide