New & Notable
Information Security Policies, Procedures and Guidelines News
July 29, 2014
Corporate boards have increased their awareness of security issues, but experts say they still lack information security principles.
April 22, 2014
The Verizon DBIR 2014 shows that organizations should build a security strategy around industry-specific threats and incident patterns.
March 26, 2014
The Affordable Care Act introduced a number of infosec issues, but an expert at SecureWorld Boston 2014 said the right mitigations can ease concerns.
March 12, 2014
Veteran CISOs say Target's move to create and fill its CISO role is a good one, but that can't be the end of the Target security program overhaul.
Information Security Policies, Procedures and Guidelines Get Started
Bring yourself up to speed with our introductory content
Information security (infosec) is the set of business processes that protects information assets regardless of how the information is formatted or whether it is being processed, is in transit or is being stored.
A botnet sinkhole is a target machine used by researchers to gather information about a particular botnet. Sinkholing is the redirection of traffic from its original destination to one specified by the sinkhole owners. The altered destination is ...
Compliance expert Mike Chapple reviews changes to HIPAA business associate agreements under the Omnibus Rule and what they mean for covered entities.
Evaluate Information Security Policies, Procedures and Guidelines Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Video: Securicon executive consultant Ernie Hayden discusses what the NIST cybersecurity framework got right, and how the document can be improved.
This Beyond the Page focuses on how mobile application management can help CISOs move beyond consumer-oriented endpoints and their security tradeoffs.
A new survey shows enterprise users are often unaware of secure file-transfer policies, and many organizations make those policies too hard to follow.
Manage Information Security Policies, Procedures and Guidelines
Learn to apply best practices and optimize your operations.
John Pescatore on why the SANS Institute's Critical Security Controls make up for other security deficiencies; plus, secrets of working with Gartner.
Expert Joseph Granneman explains the best way for employers to approach social media monitoring as part of a social media policy for employees.
FTP gets big files to colleagues and clients fast, but as the headlines remind us, the threat of electronic break-ins is real. This guide to secure file transfer shows how best to cure that sense of FTP insecurity.
Problem Solve Information Security Policies, Procedures and Guidelines Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
Cloud-based storage introduces a number of risks, but banning these services outright is unlikely to generate the desired results.
Expert Ernie Hayden explains how critical infrastructure organizations can use the NIST cybersecurity framework to assess, improve infosec practices.
Information security in healthcare has always been challenging, but expert Joseph Granneman says the ACA's focus on data storage makes it even harder.