- May 17, 2010
The Williams Cos. Inc. had more than 900 IT controls related to SOX compliance, many redundant. With patience and "highly configurable" GRC software, the chaos is under control.
- May 08, 2010
I am not the only one who wondered if the stock market "jitterations" Thursday were caused by an act of computer terrorism. Like a lot of people apparently, I pondered whether the theoretical ...
- May 03, 2010
A survey of Qualified Security Assessors (QSAs) on how businesses are dealing with the 12 mandatory requirements of the Payment Card Industry Security Standard (PCI DSS) contains a number of ...
- April 27, 2010
The courts will eventually determine whether the profiteers at Goldman Sachs who spun toxic securities into gold were extremely skilled players in the legal gambling dens of Wall Street, or whether ...
- April 26, 2010
BWise's latest innovation integrates continuous controls monitoring (CCM) with its GRC management suite. CTO Luc Brandts talks about the relative strengths and weaknesses of each.
Sponsored by evident.io - One of the most important challenges for CIOs and CISOs is to gain visibility into their cloud security stance. If they can’t identify where security or compliance gaps exist, how can they be expected to put the proper controls and protections into place? See More
Sponsored by IBM - B2B value chains have always been complicated webs of different data types and standards. During the past few years, however, complexity has increased dramatically, with staggering levels of data growth and the deployment of innovative new IT initiatives, such as cloud computing, the Internet of Things (IoT), social media and big data analytics. See More
Sponsored by evident.io - Whether you are responsible for overall IT, IT security, DevOps or regulatory compliance, chances are public cloud services are an ever-growing part of your portfolio. This can be great for the business, enabling lower costs, greater agility and faster speed to market. But it can present new and difficult challenges in ensuring security and compliance. See More
Sponsored by IBM - This is a critical time in the evolution of business-to-business integration. Companies are becoming much more reliant on digital technologies for day-to-day business activities. IDC says digital transformation is changing the way enterprises operate and reshaping the global economy. See More
- April 21, 2010
The Supreme Court's decision in a "sexting" case involving a police officer and a pager could broadly affect employee privacy rights -- or not. Either way, the message for CIOs is clear.
- April 16, 2010
I’ll start with the possibly infuriating hypothesis: There’s money to be made from governance, risk and compliance (GRC) software by vendors, of course, but also for enterprise IT shops. And it is ...
- April 05, 2010
Interest in cyberinsurance is rising in the wake of data breach notification laws and as more is learned about the potential cost of a data breach. The question is: Do you need it?
- March 31, 2010
A powerful collection of organizations has formed a new coalition to push for an update to the Electronic Communications Privacy Act (ECPA). Members of the coalition include Google, Microsoft, ...
- March 29, 2010
A new act introduced in the U.S. House of Representatives proposes reforming FISMA compliance to better address risks posed by cybersecurity threats and cloud computing.
- March 26, 2010
The cloudiness of cloud computing security is already getting to be an old joke -- certainly, an overused headline. But it was no joke this week listening to the head of IT security at Boston ...
- March 26, 2010
In a public seminar held earlier this week on eXtensible Business Reporting Language (XBRL) compliance, the Securities and Exchange Commission (SEC) offered further guidance on how it expects ...
- March 24, 2010
FTC experts recommend the creation of new online privacy frameworks that can keep pace with technology.
- March 23, 2010
A revision of the Cybersecurity Act removes an Internet kill-switch provision, clarifies certification and expands public-private cooperation on federal cybersecurity compliance.
- March 16, 2010
As more legislation on P2P file-sharing security risks makes its way into the Senate, the FTC offers guidance to protect against data breaches.