Tag Cloud

Bloggers

Blog

Follow and talk to Infosecurity's bloggers.

Follow Infosecurity's bloggers as they share their thoughts on the industry, technology, and much more. Our bloggers have been selected for their industry expertise. They welcome interaction, so we encourage you to add your opinions to theirs.

0
comments
Are we as security practitioners willing to 'eat our own cooking'? In other words, are security professionals practicing what they preach with respect to compliance at the organizational security function level? A recently leaked US Office of the Inspector General (OIG) report pertaining to th ...
0
comments
By Kamal Shah Cloud services are here to stay, and practically everybody is embracing them. In fact, the cloud computing industry is growing at the torrid pace of nearly 30% per year right now, according to Pike Research. Certainly healthcare service providers are getting on the cloud services ban ...
Posted 14 August 2013 by Cloud Security Alliance (CSA)
0
comments
Regulatory Pain
By Sean Arrowsmith Increasingly I am witnessing my clients' utter frustration, endless despair, abject misery…cue the violins…. This gloom and doom is due to the ever-increasing compliance and regulatory burden they need to address in order to continue to do business. So many bu ...
Posted 09 August 2013 by IRM Plc
0
comments
For several sessions in a row, federal cybersecurity legislation has been stalled while a squadron of lobbyists debate whether mandated compliance with federal standards will help or hinder IT security efforts in the private sector. The Administration is concerned that voluntary compliance will not ...
0
comments
When new technology introduces new legal questions, it can take a long time for courts to sort matters out, and cybersecurity is no exception to the rule. Cyberattacks that yielded major breaches of financial companies in 2008 or 2009 have spawned a series of lawsuits that aim to determine liability ...
0
comments
By Joe Sturonas As the proliferation of data continues to plague businesses, the pressure is on for companies to migrate away from their physical data centers. Cloud computing is being adopted at a rapid rate because it addresses not only the costs for physical space, but also rising energy costs a ...
Posted 28 March 2013 by Cloud Security Alliance (CSA)
0
comments
I recently met with Aidan Simister, country manager, UK & Ireland, NetWrix, at the W hotel in Leicester Square. You may not be familiar with NetWrix if you are UK-based, which Simister blames on the fact that they are “terrible at telling people what we do, but brilliant at writing tools& ...
Posted 12 December 2012 by Eleanor Dallaway
0
comments
Context + Analytics = Good Security
By Jon-Louis Heimerl Data [dey-tuh] noun: individual facts or statistics Information [in-fer-mey-shuhn] noun: knowledge concerning a particular fact or circumstance When does data become consumable information? When we correctly manage security, we integrate security devices into our infrastr ...
Posted 17 October 2012 by Cloud Security Alliance (CSA)
0
comments
Compliance in the Cloud
Earlier in the year Quocirca was asked a surprising question along these lines: “If we use a cloud-based storage service and there is a leak of personal data, who is responsible, us or them?” Make no mistake, the answer is, that regardless of how and where data is stored, the responsibil ...
Posted 30 August 2012 by Bob Tarzey
0
comments
By Allen Allison Regardless of your industry, customer base, or product, it is highly likely that you face regulatory compliance requirements. If you handle Protected Health Information (PHI), the Health Insurance Portability and Accountability Act (HIPAA) – along with the HITECH enhancement ...
Posted 04 November 2011 by Cloud Security Alliance (CSA)
0
comments
Avoiding (awful) bad practice at audit time
Quocirca saw an estimate recently that IT security managers can spend as much as 30% of their time preparing for and delivering audits. This is mundane and uninteresting work and if it can be automated – all the better. However, recent Quocirca research, sponsored by sys-admin tools vendor Osi ...
Posted 18 October 2011 by Bob Tarzey
0
comments
Failing PCI Policy?
This is a good read if you missed it – the most recent report by the ever-interesting Verizon PCI and Risk Intelligence Teams on the state of PCI Compliance. It's the usual mix of "no surprise there" moments followed by a few "Huh, really?  REALLY?" sections. Ov ...
Posted 13 October 2011 by Geoff Webb
0
comments
Test Accounts: Another Compliance Risk
By Merritt Maximi A major benefit associated with deploying identity management and/or identity governance into an organization is that these solutions provide the ability to detect and remove orphan accounts. Orphan accounts refer to active accounts belonging to a user who is no longer involved w ...
Posted 07 October 2011 by Cloud Security Alliance (CSA)
0
comments
Five Ways to Achieve Cloud Compliance
By Allen Allison With the rapid adoption of cloud computing technologies, IT organizations have found a way to deliver applications and services more quickly and efficiently to their customers, incorporating the nearly ubiquitous utility-like platforms of managed cloud services companies. The use ...
Posted 26 August 2011 by Cloud Security Alliance (CSA)
0
comments
Often when I chat with people within the industry, the one thing I expect is a consistent message akin to a broken record. De-perimiterization, consumerization, defense in depth – the list of things I hear brought up in nearly every conversation is as fine tuned as a political candidate&rsqu ...
Posted 23 June 2011 by Drew Amorosi
0
comments
Who Moved My Cloud?
By Allen Allison Managed cloud services are quickly being adopted by large enterprises. Organizations are increasingly embracing cloud technologies for core services like financial systems, IT infrastructure, online merchant sites, and messaging solutions. This adoption rate is creating an ever-i ...
Posted 03 May 2011 by Cloud Security Alliance (CSA)
0
comments
By Eric Baize In Survey after survey, security and more specifically the lack of control and visibility around what is happening to your information on cloud provider premises, is listed as the number one barrier to cloud adoption. So far, there have been two approaches to solving the problem: ...
Posted 25 January 2011 by Cloud Security Alliance (CSA)
1
comment
Practicing Continuous PCI DSS Compliance
  The importance of ongoing/continuous PCI DSS compliance processes as an effective means to curb security breaches at a merchant’s site is being touted by many experts in the PCI field lately. Verizon's recommendations also mention this importance in it’s recently released report ...
Posted 07 October 2010 by Ajay Gupta
4
comments
HITECH, breaches, and a little sunlight
A good article in InfoSecurity on May 5th on the HITECH act got me thinking (as good articles should) about health records, security, and well, all things HIPAA-ish. I certainly agree with much of what was said, and I think it’s clear that the pressure is ramping up rapidly to not only comply ...
Posted 13 May 2010 by Geoff Webb
0
comments
As you all know, I have two main pet themes: Risk Management and Compliance Management as I see very often that there is room for improvement when it comes to such processes within our customers. Internally, we often think about how we can make it easier for our customers to manage compliance in the ...
Posted 18 February 2010 by Roger Halbheer
Showing 1 - 20 of 23 blogs
View the RSS feed for this blog »
We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×