Security Audit Compliance and Standards
- March 09, 2018
A DHS cybersecurity audit for FISMA compliance by the Office of Inspector General rated the agency below target levels in three of five areas of information security.
- December 13, 2017
A team of security researchers found that many vendors' TLS implementations are vulnerable to the Bleichenbacher oracle attack, which was first discovered 19 years ago.
- June 02, 2017
In this week's Risk & Repeat podcast, SearchSecurity editors discuss GDPR compliance and how the EU law will affect enterprise data privacy and security across the globe.
- December 19, 2016
Gas stations get an extra three years to support new chip card payments, as the EMV liability shift date for automated fuel dispensers is pushed to 2020.
- October 16, 2015
News roundup: FBI issues a public service announcement about EMV chip-and-signature cards. Plus: bumper crop of OS X malware in 2015; phishing sites with authenticated certificates and more.
- April 29, 2015
At an RSA Conference 2015 session, finance information security officer Steve Winterfeld explained why having complementary IT security and compliance strategies requires leadership buy-in and cooperation.
- September 12, 2014
News roundup: City-sponsored situational awareness software use at a music festival illustrates the importance of enterprise surveillance strategy evaluation. Plus: Apache Tomcat upgrade; OpenSSL security policy; and call center security concerns.
- September 05, 2014
News roundup: The recent Goodwill security breach has been blamed on a third-party service provider, highlighting the need for due diligence. Plus: Mobile device theft; Android app vulnerabilities and a 12-year-long cyber-espionage network.
- May 15, 2014
Attorney Francoise Gilbert analyzes the White House big data initiative and the data security and privacy ramifications for enterprises.
- February 17, 2014
Experts differed over whether the NIST cybersecurity framework provides critical infrastructure firms with the tools to defend themselves.
- February 25, 2013
At the CSA Summit 2013, Mark Weatherford said the DHS 'cyber 911' service will better support the private sector, and new voluntary standards are in the works.
- June 21, 2011
All companies, not just financials, must comply with the Dodd-Frank Act; Gartner recommends having a compliance bureau monitor the implications.
- March 04, 2011
Paul Judge of Barracuda Networks and Joshua Corman of the 451 Group discuss whether compliance hinders the creation of innovative security technologies.
- February 24, 2011
A survey of more than 300 IT professionals found that 25% of IT projects begin as part of compliance initiatives.
- January 31, 2011
A study by the Ponemon Institute found that the average total cost of compliance is more than $3.5 million.