Security audit, compliance and standards

Get tips from the experts on security audits, compliance and standards. Advice is offered on data privacy and theft, audit planning and management, how to work with auditors, and compliance with standards, regulations and guidelines such as PCI DSS, GLBA, HIPPA, SOX, FISMA, ISO 17799 and COBIT.

December 16, 2020 16 Dec'20
Social media data practices land in FTC crosshairs

The Federal Trade Commission is seeking information on how social networking giants like Facebook, Twitter and YouTube collect and use consumer data.
November 12, 2020 12 Nov'20
New Yugabyte release boosts distributed SQL database security

Yugabyte now has row-level geo-partitioning for its open source distributed SQL database, enhanced multi-region features and several new features to improve security.
October 05, 2020 05 Oct'20
Surge in ransomware attacks threatens student data

Ransomware attacks are not the only threats facing K-12 schools during the COVID-19 pandemic. Cybercriminals are stealing and exposing students' personal data as well.
August 11, 2020 11 Aug'20
Healthcare CISO offers alternatives to 'snake oil' companies

Indiana University Health CISO Mitchell Parker discussed internal risk assessments, security snake oil salesmen and more at his Black Hat USA 2020 talk.

Bring yourself up to speed with our introductory content

How to develop a cybersecurity strategy: Step-by-step guide

A cybersecurity strategy isn't meant to be perfect, but it must be proactive, effective, actively supported and evolving. Here are the four steps required to get there. Continue Reading
Data protection impact assessment tips and templates

Conducting a data protection impact assessment is key to evaluating potential risk factors that could pose a serious threat to individuals and their personal information. Continue Reading
Updated FFIEC 'Business Continuity' handbook highlights planning

The FFIEC handbook on business continuity has been updated by the organization to place greater emphasis on planning, with more detailed information on testing and exercises. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

CASB explained: Know its use cases before you buy

CASB tools help to secure cloud applications so only authorized users have access. Discover more about this rapidly evolving technology in a CASB explained tutorial. Continue Reading
How to use the Mitre ATT&CK framework for cloud security

Learn how to use the Mitre ATT&CK security framework to keep your enterprise cloud environment -- whether AWS, GCP, Azure, Azure AD or Microsoft 365 -- secure. Continue Reading
Security automation tools and analytics reshape SecOps efforts

To transition from being reactive to proactive in terms of cybersecurity threats, check out how SecOps teams can use security analytics and automation tools to make the change. Continue Reading

Learn to apply best practices and optimize your operations.

7 cybersecurity priorities CISOs should focus on for 2021

For 2021, Vishal Salvi argues that CISOs should tie cybersecurity to business agendas better, invest in cloud security, implement IT hygiene, modernize security architecture and more. Continue Reading
8 benefits of a security operations center

A security operations center can help lessen the fallout of a data breach, but its business benefits go much further than that. Here are eight SOC benefits to consider. Continue Reading
8 video conferencing security and privacy best practices

Video conferencing tools are a remote worker's lifeline. As such, it is essential to maintain their security. These eight best practices will help ensure secure, private video-enabled meetings. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Who wins the security vs. privacy debate in the age of AI?

When trying to maintain balance between security and privacy in an AI-enabled world, who decides which side should tip and when? So continues the security vs. privacy debate. Continue Reading
How to deal with the lack of IoT standards

With each IoT standards body creating its own architecture or framework, IT professionals have many options to sort through for any IoT deployment. Continue Reading
HIPAA compliance checklist: The key to staying compliant in 2020

Putting together a HIPAA compliance program can be fraught with difficulty. Review best practices and a HIPAA compliance checklist to avoid common pitfalls and pass an audit. Continue Reading