Security audit, compliance and standards

Get tips from the experts on security audits, compliance and standards. Advice is offered on data privacy and theft, audit planning and management, how to work with auditors, and compliance with standards, regulations and guidelines such as PCI DSS, GLBA, HIPPA, SOX, FISMA, ISO 17799 and COBIT.

March 30, 2021 30 Mar'21
Feds debate while states act on data privacy laws

As Congress debates its next move on how to regulate big tech, states are already enacting legislation. Their push will likely serve as a model for the federal government.
February 25, 2021 25 Feb'21
Vastaamo breach, bankruptcy indicate troubling trend

The blackmailing of patients directly, as well as the resulting bankruptcy of Vastaamo Psychotherapy Centre, could single a shift in cyber crime tactics.
January 19, 2021 19 Jan'21
Data privacy law is coming, big tech privacy officers say

At the digital CES 2021 event, privacy leaders at Google, Twitter and Amazon said the time is right for a data privacy law.
December 16, 2020 16 Dec'20
Social media data practices land in FTC crosshairs

The Federal Trade Commission is seeking information on how social networking giants like Facebook, Twitter and YouTube collect and use consumer data.

Bring yourself up to speed with our introductory content

principle of least privilege (POLP)

The principle of least privilege (POLP) is a concept in computer security that limits users' access rights to only what are strictly required to do their jobs. Continue Reading
Data loss prevention quiz: Test your training on DLP features

Data loss prevention tools can help infosec manage insider threat, shadow IT and compliance initiatives. Test your know-how with this DLP quiz. Continue Reading
Rebuild security and compliance foundations with automation

Instead of patchwork security fixes, financial organizations need to embrace automation, create and deploy secure software and address implementation problems. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Exploring GRC automation benefits and challenges

Governance, risk and compliance is a crucial enterprise task but can be costly and time-consuming. This is where GRC automation fits in. Learn about its benefits and challenges. Continue Reading
Explore CASB use cases before you decide to buy

CASB tools help to secure cloud applications so only authorized users have access. Discover more about this rapidly evolving technology in a CASB explained tutorial. Continue Reading
How to use the Mitre ATT&CK framework for cloud security

Learn how to use the Mitre ATT&CK security framework to keep your enterprise cloud environment -- whether AWS, GCP, Azure, Azure AD or Microsoft 365 -- secure. Continue Reading

Learn to apply best practices and optimize your operations.

7 cybersecurity priorities CISOs should focus on for 2021

For 2021, Vishal Salvi argues that CISOs should tie cybersecurity to business agendas better, invest in cloud security, implement IT hygiene, modernize security architecture and more. Continue Reading
8 benefits of a security operations center

A security operations center can help lessen the fallout of a data breach, but its business benefits go much further than that. Here are eight SOC benefits to consider. Continue Reading
8 video conferencing security and privacy best practices

Video conferencing tools are a remote worker's lifeline. As such, it is essential to maintain their security. These eight best practices will help ensure secure, private video-enabled meetings. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Collaboration tool security: How to avoid common risks

As the use of collaborations tools and platforms surges, new research from Metrigy emphasizes organizations need to focus on collaboration tool security to reduce risk. Continue Reading
Who wins the security vs. privacy debate in the age of AI?

When trying to maintain balance between security and privacy in an AI-enabled world, who decides which side should tip and when? So continues the security vs. privacy debate. Continue Reading
How to deal with the lack of IoT standards

With each IoT standards body creating its own architecture or framework, IT professionals have many options to sort through for any IoT deployment. Continue Reading