RSS Alerts

Tag Cloud

cloud computing Security David Harley cybersecurity compliance cloud security Cloud encryption

Bloggers

Blog

Follow and talk to Infosecurity's bloggers.

Follow Infosecurity's bloggers as they share their thoughts on the industry, technology, and much more. Our bloggers have been selected for their industry expertise. They welcome interaction, so we encourage you to add your opinions to theirs.

0
comments
Defining “Equity” in the World of Critical Infrastructure Security
For several sessions in a row, federal cybersecurity legislation has been stalled while a squadron of lobbyists debate whether mandated compliance with federal standards will help or hinder IT security efforts in the private sector. The Administration is concerned that voluntary compliance will not ...
Posted 29 May 2013 by (ISC)² U.S. Government Advisory Board Executive Writers Bureau (EWB)
tags: critical infrastructure, compliance, public sector
0
comments
Liability and the “Commercially Reasonable” Standard
When new technology introduces new legal questions, it can take a long time for courts to sort matters out, and cybersecurity is no exception to the rule. Cyberattacks that yielded major breaches of financial companies in 2008 or 2009 have spawned a series of lawsuits that aim to determine liability ...
Posted 20 May 2013 by (ISC)² U.S. Government Advisory Board Executive Writers Bureau (EWB)
tags: (ISC)2, NIST, FFIEC, Cybersecurity, federal IT, compliance
0
comments
Going Up? Safety First, then Send your Data to the Cloud
By Joe Sturonas As the proliferation of data continues to plague businesses, the pressure is on for companies to migrate away from their physical data centers. Cloud computing is being adopted at a rapid rate because it addresses not only the costs for physical space, but also rising energy costs a ...
Posted 28 March 2013 by Cloud Security Alliance (CSA)
tags: cloud computing, compliance, encryption
0
comments
An Interview with Aidan Simister, Netwrix
I recently met with Aidan Simister, country manager, UK & Ireland, NetWrix, at the W hotel in Leicester Square. You may not be familiar with NetWrix if you are UK-based, which Simister blames on the fact that they are “terrible at telling people what we do, but brilliant at writing tools& ...
Posted 12 December 2012 by Eleanor Dallaway
tags: Auditing, NetWrix, Compliance
0
comments
Context + Analytics = Good Security
By Jon-Louis Heimerl Data [dey-tuh] noun: individual facts or statistics Information [in-fer-mey-shuhn] noun: knowledge concerning a particular fact or circumstance When does data become consumable information? When we correctly manage security, we integrate security devices into our infrastr ...
Posted 17 October 2012 by Cloud Security Alliance (CSA)
tags: analytics, cloud computing, compliance, Big Data
0
comments
Compliance in the Cloud
Earlier in the year Quocirca was asked a surprising question along these lines: “If we use a cloud-based storage service and there is a leak of personal data, who is responsible, us or them?” Make no mistake, the answer is, that regardless of how and where data is stored, the responsibil ...
Posted 30 August 2012 by Bob Tarzey
tags: cloud computing, compliance, EU Data Protection Directive, Data Protection Act
0
comments
Leveraging Managed Cloud Services to Meet Cloud Compliance Challenges
By Allen Allison Regardless of your industry, customer base, or product, it is highly likely that you face regulatory compliance requirements. If you handle Protected Health Information (PHI), the Health Insurance Portability and Accountability Act (HIPAA) – along with the HITECH enhancement ...
Posted 04 November 2011 by Cloud Security Alliance (CSA)
tags: cloud , security, compliance
0
comments
Avoiding (awful) bad practice at audit time
Quocirca saw an estimate recently that IT security managers can spend as much as 30% of their time preparing for and delivering audits. This is mundane and uninteresting work and if it can be automated – all the better. However, recent Quocirca research, sponsored by sys-admin tools vendor Osi ...
Posted 18 October 2011 by Bob Tarzey
tags: audit, compliance
0
comments
Failing PCI Policy?
This is a good read if you missed it – the most recent report by the ever-interesting Verizon PCI and Risk Intelligence Teams on the state of PCI Compliance. It's the usual mix of "no surprise there" moments followed by a few "Huh, really?  REALLY?" sections. Ov ...
Posted 13 October 2011 by Geoff Webb
tags: PCI DSS, Verizon, Security Policy, compliance
0
comments
Test Accounts: Another Compliance Risk
By Merritt Maximi A major benefit associated with deploying identity management and/or identity governance into an organization is that these solutions provide the ability to detect and remove orphan accounts. Orphan accounts refer to active accounts belonging to a user who is no longer involved w ...
Posted 07 October 2011 by Cloud Security Alliance (CSA)
tags: cloud, security, compliance, identity management
0
comments
Five Ways to Achieve Cloud Compliance
By Allen Allison With the rapid adoption of cloud computing technologies, IT organizations have found a way to deliver applications and services more quickly and efficiently to their customers, incorporating the nearly ubiquitous utility-like platforms of managed cloud services companies. The use ...
Posted 26 August 2011 by Cloud Security Alliance (CSA)
tags: cloud, security, compliance, HIPPA, PCI DSS
0
comments
Weinergate and The Case for Full Disclosure of Data Breaches
Often when I chat with people within the industry, the one thing I expect is a consistent message akin to a broken record. De-perimiterization, consumerization, defense in depth – the list of things I hear brought up in nearly every conversation is as fine tuned as a political candidate&rsqu ...
Posted 23 June 2011 by Drew Amorosi
tags: data breach, compliance
0
comments
Who Moved My Cloud?
By Allen Allison Managed cloud services are quickly being adopted by large enterprises. Organizations are increasingly embracing cloud technologies for core services like financial systems, IT infrastructure, online merchant sites, and messaging solutions. This adoption rate is creating an ever-i ...
Posted 03 May 2011 by Cloud Security Alliance (CSA)
tags: cloud , security, compliance, audit
0
comments
Moving to a “Show Me” State – Gaining Control and Visibility in Cloud Services
By Eric Baize In Survey after survey, security and more specifically the lack of control and visibility around what is happening to your information on cloud provider premises, is listed as the number one barrier to cloud adoption. So far, there have been two approaches to solving the problem: ...
Posted 25 January 2011 by Cloud Security Alliance (CSA)
tags: cloud security, trusted cloud, compliance
1
comment
Practicing Continuous PCI DSS Compliance
  The importance of ongoing/continuous PCI DSS compliance processes as an effective means to curb security breaches at a merchant’s site is being touted by many experts in the PCI field lately. Verizon's recommendations also mention this importance in it’s recently released report ...
Posted 07 October 2010 by Ajay Gupta
tags: PCI , PCI DSS, Compliance, Rogue
4
comments
HITECH, breaches, and a little sunlight
A good article in InfoSecurity on May 5th on the HITECH act got me thinking (as good articles should) about health records, security, and well, all things HIPAA-ish. I certainly agree with much of what was said, and I think it’s clear that the pressure is ramping up rapidly to not only comply ...
Posted 13 May 2010 by Geoff Webb
tags: HITECH, PCI DSS, data breach, compliance
0
comments
Making the Management of Security Compliance Easier!
As you all know, I have two main pet themes: Risk Management and Compliance Management as I see very often that there is room for improvement when it comes to such processes within our customers. Internally, we often think about how we can make it easier for our customers to manage compliance in the ...
Posted 18 February 2010 by Roger Halbheer
tags: Compliance, Policy
0
comments
Software Piracy – A Threat to Security!
Beginning of this year, I tried to understand, whether we can show a collaboration between Piracy (stolen software) and Malware Infections. I played a little bit with the data I had available and came to the conclusion, that there most probably is: Is there a Correlation between Stolen Software (Pir ...
Posted 14 October 2009 by Roger Halbheer
tags: Compliance, Piracy
0
comments
Why it pays to be secure - Chapter 1 - Data Breaches
In my first post here, I opened the field for a series on “Why it pays to be secure”. As I told you there, Henk van Roest, our Security Support Program Manager in EMEA kicked this off for internal training. Let’s return to the theme of deploying security updates once more, we need ...
Posted 14 September 2009 by Roger Halbheer
tags: Compliance, Policies, Business Value, Processes
0
comments
Why it pays to be secure
You might all know that feeling: You need money to finance security activities and you are asked why this money shall be invested. And then we start to argue that if we do not do it – bad things happen. These are questions that myself and our support get often. That was the reason why we start ...
Posted 11 September 2009 by Roger Halbheer
tags: Processes, Policies, Business Value, Compliance
Showing 1 - 20 of 20 blogs
View the RSS feed for this blog »
Terms & Conditions | Privacy | Website Design| Reed Exhibitions. All rights reserved. Copyright © 2013
We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×