Security Audit Compliance and Standards
- September 20, 2007
A VeriSign review of PCI Data Security Standard (PCI DSS) assessments it conducted found that more than half were still stumbling on the path to compliance.
- July 11, 2007
Karen Worstell, former CISO at Microsoft and AT&T Wireless, recently joined the advisory board of Neupart A/S, a five-year-old European security risk management and awareness firm that just launched a North American office in the Seattle area. The ...
- June 20, 2007
Log management is expected to be a hot topic at the upcoming Burton Group Catalyst Conference. Experts say log data can help organizations comply with numerous guidelines.
- May 17, 2007
Bob Russo, general manager of the PCI Security Standards Council explains that education is crucial to getting more merchants to comply with the standard.
- February 05, 2007
Experts say the use of security information and event management systems can not only give organizations overall visibility into their network security and improve their incident response, but also meet compliance demands.
- December 13, 2006
The Securities and Exchange Commission is looking to make it easier for smaller companies to meet the requirements of Sarbanes-Oxley without going broke.
- August 01, 2006
There's really no one technology answer for regulatory compliance. That's why experts suggest that a variety of tools are needed to meet the requirements of regulations such as Sarbanes-Oxley.
- May 04, 2006
A number of enterprises are using asset disposal firms to ensure sensitive corporate data is destroyed, but the process is hardly foolproof. In fact, a convicted felon could have his hands on your data right now.
- February 07, 2006
As more organizations move their security officers out of IT, it may become easier for CISOs to succeed, but harder for other security pros to avoid a career dead-end.
- January 26, 2006
But more software is beginning to keep insiders from using shared or administrative passwords to access restricted data files, helping to ensure SOX compliance.
- January 16, 2006
The man in charge of information security at a Massachusetts insurance company explains how he built up the company's IT defenses from the top down.
- January 05, 2006
The Santa Clara, Calif.-based network security provider agrees to a cash penalty to be distributed to harmed investors, per the Sarbanes-Oxley Act.
- December 26, 2005
IT security officers long for a common system to comply with laws that are similar, but often have conflicting demands. Some say a single set of federal guidelines could help, but others fear the implications.
- November 14, 2005
At the CSI 32nd annual Computer Security Conference, CISOs say compliance is becoming more burdensome as they must often ensure executives stay out of trouble.
- October 20, 2005
It's difficult for most organizations to cope with today's multitude of compliance regulations, but an expert at Information Security Decisions said security frameworks may be the answer.