Security audit, compliance and standards
Get tips from the experts on security audits, compliance and standards. Advice is offered on data privacy and theft, audit planning and management, how to work with auditors, and compliance with standards, regulations and guidelines such as PCI DSS, GLBA, HIPPA, SOX, FISMA, ISO 17799 and COBIT.
New & Notable
3 Ways SOAR Can Combat the Cybersecurity Skills Shortage
What are some of the strategies that your organization has implemented to help combat the cybersecurity skills gap? Mike Chapple, senior director of IT at University of Notre Dame explains how log processing, threat intelligence and account lifecycle management can help alleviate the shortage of qualified pros and have teams work smarter, not harder.
Security audit, compliance and standards News
-
August 21, 2019
21
Aug'19
Salesforce DNSSEC project aims to boost site security, speed, uptime
Salesforce, which juggles multiple DNS providers to serve customers while complying with global data-privacy regulations, spearheads new DNS models to enable deeper encryption.
-
July 29, 2019
29
Jul'19
Untangling GDPR fines with Synopsys' Tim Mackey
Tim Mackey of Synopsys tries to clear up some of the mystery around how GDPR regulators determine the fines levied on companies for major data breaches or privacy violations.
-
July 09, 2019
09
Jul'19
British Airways security incident garners record GDPR fine
The ICO plans to levy a record GDPR fine of nearly $230 million against British Airways for a security incident that led to 500,000 customers having their data compromised.
-
June 06, 2019
06
Jun'19
Why larger GDPR fines could be on the horizon
There haven't been many fines under the General Data Protection Regulation since the EU data privacy law went into effect a year ago. But experts warn that will likely change.
Security audit, compliance and standards Get Started
Bring yourself up to speed with our introductory content
-
single sign-on (SSO)
Single sign-on (SSO) is a session and user authentication service that permits an end user to enter one set of login credentials (such as a name and password) and be able to access multiple applications. Google, LinkedIn, Twitter and Facebook offer ... Continue Reading
-
Top 7 IT security frameworks and standards explained
Several IT security frameworks and cybersecurity standards are available to help protect company data. Here's advice for choosing the right one for your organization. Continue Reading
-
EU GDPR terms to know
Compliance regulations can be complicated to follow, particularly in the new age of data privacy. Here's a breakdown of the must-know terms for companies who are subject to GDPR. Continue Reading
Evaluate Security audit, compliance and standards Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
-
How to identify and evaluate cybersecurity frameworks
Not all frameworks for cybersecurity are equal. ESG's Jon Oltsik explains what attributes make a cybersecurity framework and how to go about choosing and using one. Continue Reading
-
Why is third-party risk management essential to cybersecurity?
Attackers know third parties hold many of the keys to the enterprise network, so third-party risk management is crucial for security professionals. Continue Reading
-
Explore this NGFW comparison of leading vendors on the market
Explore some of the top NGFWs currently on the market -- based on features and user reviews -- to help you make a buying decision Continue Reading
Manage Security audit, compliance and standards
Learn to apply best practices and optimize your operations.
-
3 ways to shore up third-party risk management programs
A new Nemertes research study shows enterprises need to adopt third-party risk management programs that jettison manual checklists in favor of automated tools, hands-on risk assessments and dedicated risk teams. Continue Reading
-
IoT Cybersecurity Improvement Act calls for deployment standards
The IoT Cybersecurity Improvement Act would require development of security standards and guidelines for federal IoT devices, but CISOs in the private sector could also benefit. Continue Reading
-
Mastercard CTO on cybersecurity and AI integration
Mastercard CTO Kush Saxena describes his approach to cybersecurity and AI as two-fold. Learn how AI and machine learning impacts the cybersecurity practice in the enterprise. Continue Reading
Problem Solve Security audit, compliance and standards Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
-
Best practices to conduct a user access review
User entitlement reviews ensure employees only have access to essential systems and unauthorized employees -- or miscreants -- don't. Learn how to conduct an audit of user privileges. Continue Reading
-
What are the most important email security protocols?
Internet email was designed independent of security considerations, but these are the top email security protocols that add mechanisms to keep messaging safe from threats. Continue Reading
-
GDPR and backup: What have we learned in one year?
A customer's deletion request continues to be a sticking point regarding backup and GDPR compliance. Learn guidance about this issue and others, following GDPR's first birthday. Continue Reading