New & Notable
Security audit, compliance and standards News
August 21, 2019
Salesforce, which juggles multiple DNS providers to serve customers while complying with global data-privacy regulations, spearheads new DNS models to enable deeper encryption.
July 29, 2019
Tim Mackey of Synopsys tries to clear up some of the mystery around how GDPR regulators determine the fines levied on companies for major data breaches or privacy violations.
July 09, 2019
The ICO plans to levy a record GDPR fine of nearly $230 million against British Airways for a security incident that led to 500,000 customers having their data compromised.
June 06, 2019
There haven't been many fines under the General Data Protection Regulation since the EU data privacy law went into effect a year ago. But experts warn that will likely change.
Security audit, compliance and standards Get Started
Bring yourself up to speed with our introductory content
Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials (e.g., name and password) to access multiple applications.
Several IT security frameworks and cybersecurity standards are available to help protect company data. Here's advice for choosing the right one for your organization.
Compliance regulations can be complicated to follow, particularly in the new age of data privacy. Here's a breakdown of the must-know terms for companies who are subject to GDPR.
Evaluate Security audit, compliance and standards Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Enterprises' lax data rules reveal weaknesses around AI and model training -- particularly machine learning's reliance on unrestrained big data collection.
Not all frameworks for cybersecurity are equal. ESG's Jon Oltsik explains what attributes make a cybersecurity framework and how to go about choosing and using one.
Attackers know third parties hold many of the keys to the enterprise network, so third-party risk management is crucial for security professionals.
Manage Security audit, compliance and standards
Learn to apply best practices and optimize your operations.
Constantly evolving regulations can cause confusion for security officers, but sometimes, there is process overlap. Here's how achieving compliance with PCI DSS can help meet GDPR mandates.
Now more than ever, providers of IoT devices and experiences play an integral role in addressing IoT data privacy issues and influencing outcomes, market forces and societal health.
A new Nemertes research study shows enterprises need to adopt third-party risk management programs that jettison manual checklists in favor of automated tools, hands-on risk assessments and dedicated risk teams.
Problem Solve Security audit, compliance and standards Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
User entitlement reviews ensure employees only have access to essential systems and unauthorized employees -- or miscreants -- don't. Learn how to conduct an audit of user privileges.
Internet email was designed independent of security considerations, but these are the top email security protocols that add mechanisms to keep messaging safe from threats.
A customer's deletion request continues to be a sticking point regarding backup and GDPR compliance. Learn guidance about this issue and others, following GDPR's first birthday.