Data Privacy and Protection

MUST READ Privacy: Security pros should practice what they preach ARTICLE - Calling privacy "a neglected area" in information security, expert Sarah Gordon says security professionals need to set an example by taking advantage of technical and policy solutions that can help mitigate risks to ...

VIDEO: 1 - 3 of 3

	Compliance in the cloud SearchSecurity.com | 07 Jul 2009 VIDEO - Rena Mears, global and U.S. privacy and data protection leader at Deloitte, discusses how cloud computing is transforming data classification and security.

	PCI compliance requirement 3: Protect data SearchSecurity.com | 01 Jun 2009 VIDEO - Ed Moyle and Diana Kelley review Requirement 3 of the Payment Card Industry Data Security Standard: Protect cardholder data. It's not as simple as it sounds.

	Federal efforts to secure cyberinfrastrucure SearchSecurity.com | 03 May 2009 VIDEO - RSA 2009: Former White House senior advisor Paul Kurtz and James Lewis, director of technology policy at the Center for Strategic and International Studies talk about the state of cybersecurity readiness at the federal level.

	VIEW ALL VIDEO ON DATA PRIVACY AND PROTECTION

EXPERT TECHNICAL ADVICE: 1 - 3 of 28

DATA PRIVACY AND PROTECTION EXPERTS
			David Mortman, featured expert ASK A QUESTION

	How to find virtual machines for greater virtualization compliance 08 Jul 2009 TIP - When it comes to compliance and virtualization, security vulnerabilities and privacy concerns are not the only issues of interest to auditors.

	Learning the language of global compliance 14 Oct 2008 TIP - When a company expands its operations to other countries, what compliance issues confront a security manager?

	How would you define the responsibilities of a data custodian in a bank? 11 Jul 2008 EXPERT ANSWER - Data security is incredibly important for financial institutions, and it's the data custodian's job to make sure that data is safe. Security management expert Mike Rothman explains more.

	VIEW ALL EXPERT TECHNICAL ADVICE ON DATA PRIVACY AND PROTECTION

NEWS: 1 - 3 of 54

	Researchers predict SSNs, crack algorithm putting identities at risk SearchSecurity.com | 07 Jul 2009 ARTICLE - The success rate is as high as 90% for individuals born after 1989 in less populous states. Some data was gleaned from social networking sites.

	Attackers cash in on fundamental data handling mistakes, Verizon finds SearchSecurity.com | 15 Apr 2009 ARTICLE - Large data breaches are the result of sophisticated, targeted external attacks that exploit basic errors, according to the latest data breach investigation report from Verizon.

	RSA panel to discuss surveillance, privacy concerns SearchSecurity.com | 14 Apr 2009 INTERVIEW - Security expert Gary McGraw will moderate a panel discussion on the privacy issues raised when the government conducts surveillance of known terrorist groups.

	VIEW ALL NEWS ON DATA PRIVACY AND PROTECTION

REFERENCE & LEARNING: 1 - 3 of 10

	Quiz: Virtualization and compliance SearchSecurity.com | 08 Jul 2009 QUIZ - How much have you gleaned from this Virtualization and compliance Security School lesson? Test you knowledge of cloud compliance issues.

	Information security book excerpts and reviews SearchSecurity.com | 19 Feb 2009 INFORMATION SECURITY BOOKSHELF - Visit the Information Security Bookshelf for book reviews and free chapter downloads.

	Building network security: Evolution and vendor consolidation 16 Aug 2006 IDENTITY AND ACCESS MANAGEMENT SECURITY SCHOOL - Learn how to use the network/security evolution to make better decisions, how the roles and responsibilities of security pros must change and how NAC helps with compliance.

	VIEW ALL REFERENCE & LEARNING ON DATA PRIVACY AND PROTECTION

MAGAZINE CONTENT (free subscription required): 1 - 3 of 19

	How to write a risk methodology that blends business, security needs Information Security Magazine | 04 Jun 2009 FEATURES - One security professional describes a homegrown risk methodology currently being used by a large university and a private corporation.

	Bruce Schneier and Marcus Ranum Face-Off: Should We Have an Expectation of Online Privacy? Information Security Magazine | 07 May 2009 COLUMNS - Security experts Bruce Schneier and Marcus Ranum debate whether users should have an expectation of online privacy.

	Proactive state privacy laws change security focus to prevention Information Security Magazine | 11 Feb 2009 COLUMNS - New data breach notification acts in Nevada and Massachusetts are changing the way that organizations handle data.

	VIEW ALL MAGAZINE CONTENT ON DATA PRIVACY AND PROTECTION

WEBCASTS: 1 - 3 of 3

The Importance of Data Integrity and Why You Should Care - Vendor Webcast VIEW WEBCAST PREMIERED:   15 NOV 2006, 09:00 EST (14:00, GMT) SUMMARY:   In this webcast, join Randolph A. Kahn, author of the book "Privacy Nation" for a one-hour discussion on the importance of your company's data integrity and why you should care. Mr. Kahn also discusses how to effectively secure your company's valuable information and appropriately classify your data.

	Overcoming the Myths and Confusion of Payment Card Industry (PCI) Compliance - Vendor Webcast VIEW WEBCAST PREMIERED:   28 JUN 2006, 14:00 EDT (18:00, GMT) SUMMARY:   Attend this webcast and explore Payment Card Industry (PCI) standards and the measures your company should take to effectively secure customer credit card information.

The Fast Track to Compliance: Better Management for Network Security - Vendor Webcast VIEW WEBCAST PREMIERED:   22 SEP 2004, 12:00 EDT (16:00, GMT) SUMMARY:   Join META Group analyst and noted compliance expert Paul Proctor (keynote speaker, Oct. 2004 Information Security Decisions) as he takes a fresh look at how complex network security systems should be managed in the age of HIPAA, Sarbanes-Oxley, GLBA, and other wide-reaching regulations.

	VIEW ALL WEBCASTS ON DATA PRIVACY AND PROTECTION

WHITE PAPERS

Payment Card Industry Data Security Standard (PCI DSS) Compliance in the UNIX/Linux Datacenter Published by: Symark International, Inc. | 17 Feb 2009 WHITE PAPER - Read this whitepaper to discover a solution that enables IT organizations to create a secure access control infrastructure through granular authorization and "delegation" of the UNIX/Linux root or super user password to users based on their role and duties in the organization.

	Security Solutions for UNIX/Linux Audits Published by: Symark International, Inc. | 17 Feb 2009 WHITE PAPER - Check out this whitepaper to learn the security issues of UNIX and Linux systems and how to meet audit requirements.

	How Controlling Access to Privileged Accounts Can Keep Insider Threat from Hurting Your Bottom Line Published by: Symark International, Inc. | 16 Feb 2009 WHITE PAPER - Access control is needed. Read this paper to identify a line of identity and access solutions that address these problems inside the perimeter and ultimately, your enterprises bottom line and reputation.

	VIEW ALL WHITE PAPERS IN THIS TOPIC

DEFINITIONS: 1 - 3 of 3

	P3P 04 Jul 2003 WORD - P3P (Platform for Privacy Preferences) is a protocol that specifies a way to determine if a Web site's security policies meet a user's privacy requirements. P3P includes a machine-readable vocabulary and syntax that can be ...

	cypherpunk 15 Sep 2001 WORD - Cypherpunk, a term that appeared in Eric Hughes' "A Cypherpunk's Manifesto" in 1993, combines the ideas of cyberpunk, the spirit of individualism in cyberspace, with the use of strong encryption (ciphertext is encrypted text) ...

	Data Encryption Standard 19 Jan 2001 WORD - Data Encryption Standard (DES) is a widely-used method of data encryption using a private (secret) key that was judged so difficult to break by the U.S. government that it was restricted for exportation to other countries. ...

	VIEW ALL DEFINITIONS ON DATA PRIVACY AND PROTECTION

	SEE ALSO - Topics Related to Data Privacy and Protection:  FFIEC Regulations and Guidelines, COBIT, Gramm-Leach-Bliley Act (GLBA), HIPAA, Sarbanes-Oxley Act, FISMA, IT Security Audits, PCI Data Security Standard, ISO 17799