Security Management Strategies for the CIO
Email Alerts
-
Interpreting 'risk' in the Massachusetts data protection law
After many changes, it appears that the recent Massachusetts data protection law is here to stay. Contributor David Navetta reviews the important, ambiguous places in the legislation that your legal and compliance teams must zero in on in order to av... Tip
-
Strategies for using technology to enable automated compliance
Enterprise compliance programs depend on a variety of people, data and processes, so it's no surprise that many organizations seek to implement automated compliance with the help of technology. However, such efforts can easily fail without due dilige... Tip
-
How to find virtual machines for greater virtualization compliance
When it comes to compliance and virtualization, security vulnerabilities and privacy concerns are not the only issues of interest to auditors. Managing internal virtual machines can be a major security and compliance hurdle, particularly in environme... Tip
-
By addressing data privacy, companies avoid public scrutiny
Some organizations may believe data privacy laws don't affect them, but those groups may be deluding themselves. Authors Craig Norris and Tom Cadle explain why, and offer a comprehensive overview of the responsibilities that come with handling sensit... Tip
-
Learning the language of global compliance
When a company expands its operations to other countries, what compliance issues confront a security manager? Expert Mike Rothman explains how data security and data privacy can be the same in any language. Tip
-
Breach prevention: Adding security to the purchasing process
This tip looks at the role of purchasing and offers advice for educating your purchasing team about security to create a solid security/purchasing team. Tip
-
Data loss prevention (DLP) tools: The new way to prevent identity theft?
Despite advances in perimeter technologies, data theft has become common in today's enterprises. To protect their confidential information, some security professionals are turning to an emerging technology category: data loss prevention. But don't th... Tip
-
Complying with breach notification laws
Learn the general requirements of breach notification laws modeled after the California Security Breach Information Act and strategies for compliance. Tip
-
Privacy and your offshore operations
Most companies are used to considering the implications of Sarbanes-Oxley and Gramm-Leach-Bliley on their domestic operations, but thinking about security and privacy offshore is just as important. Contributor Joel Dubin explains how to ensure techni... Tip
-
Compliance Q&A: Myths, mistakes and management advice
Keeping organizations continuously compliant with multiple complex and ever-changing regulatory requirements remains a challenge for many infosec pros. But if they don't shape up now, it's only going to get worse. In this interview, Rebecca Herold, C... Tip