Security Management Strategies for the CIO
Email Alerts
-
RSA attendees see data classification, rights management projects stumble
SAN FRANCISCO -- Companies need to embark on data classification projects to gain more control over its movement and minimize data leakage, but it's difficult to find a company successfully carrying out a project. Rena Mears, Deloitte's global and U.... Interview
-
Hannaford breach illustrates dangerous compliance mentality
As Executive Editor Dennis Fisher explains, the Hannaford supermarket breach illustrates how too much emphasis on compliance puts critical data at risk. Column
-
Tough questions on PCI DSS: Private networks, self-assessment and segmentation
Due to an overwhelming number of audience questions during his live question-and-answer session, Security Curve Founding Partner Ed Moyle was unable to answer all of them during SearchSecurity.com's recent virtual trade show on PCI DSS. In this Q&A, ... Interview
-
Worst practices: Recognizing the biggest compliance mistakes
With all of the compliance requirements and regulations organizations need to abide by these days, corporate compliance blunders are inevitable. In this tip, security management expert Mike Rothman highlights the biggest compliance mistakes seen in t... Tip
-
TJX faces data audits for 20 years under FTC settlement
TJX Cos Inc. agreed to implement tighter security and obtain independent audits every other year for 20 years, according to a settlement reached with the Federal Trade Commission. Article
-
How would you meet PCI requirement 2.3 when it comes to terminal service or RDP sessions?
What's the best way to comply with PCI DSS without having to create a secure IPsec tunnel with every connection to critical systems? Security management expert Mike Rothman gives his advice. Ask the Expert
-
Solidcore launches PCI file integrity software
New software from Solidcore Systems Inc. addresses section 10 and 11 of the PCI standard, enabling administrators to record and monitor changes to protected files. News
-
PCI compliance drives identity management spending, says IBM's GRC chief
Kristin Lovejoy came to IBM as chief technology officer of Consul Risk Management, which was acquired by Big Blue in early 2007. Lovejoy helps contribute to IBM's company-wide security strategy, overseeing the company's governance, risk and complianc... Interview
-
How to store and secure credit card numbers on the LAN
How do small companies typically store credit card numbers on their LANs? Joel Dubin comments. Answer
-
How are the PCI DSS deadline extensions affecting corporations' desire to become compliant?
Becoming PCI DSS compliant is hard work for financial institutions, but will deadline extensions help? Ask the Expert