New & Notable
Risk management and compliance News
October 08, 2014
The prevalence of BYOD and cloud means corporate data is exposed to a wider risk landscape than ever before, security experts say. Learn how to make sure your mobile privacy and security policies can withstand modern threats.
October 02, 2014
As more corporate data loss and thefts dominate headlines, the number of mobile data-related regulations expands, and employees continue to hold user experience paramount, businesses must enact airtight mobile privacy policies, security experts say.
June 06, 2014
May #GRCchat participants share top information security threats and how to prevent data breaches caused by the biggest culprits: employees.
May 30, 2014
Tenable Network Security CSO Marcus Ranum reveals that data-driven intelligence is not as critical as system logging to security strategy.
Risk management and compliance Get Started
Bring yourself up to speed with our introductory content
A Certified Information Systems Risk and Compliance Professional (CISRCP) is a person in the information technology (IT) field that has passed an examination on risk and compliance topics developed by the International Association of Risk and ... Continue Reading
Unsystemic risk (also known as unsystematic risk) is a type of investment risk that is specific to an industry or organization. Continue Reading
OPSEC (operational security) is an analytical process that identifies assets such as sensitive corporate information or trade secrets, and determines the controls required to protect these assets. Continue Reading
Evaluate Risk management and compliance Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Today's sophisticated attacks can only be foiled when humans are in the loop. In part two of Future State, security expert Bruce Schneier gives advice on how to augment IR teams and processes for the future. Continue Reading
ISSA International Chair Stefano Zanero discusses how expanding threats force security pros to take a more proactive approach to data protection. Continue Reading
Target Corp. has made major executive changes in the months following its massive 2013 data breach as the company strives to reassure customers and rework digital information security processes. Continue Reading
Product ReviewsPowered by IT Central Station
Powered by IT Central Station
Use Of Solution: I worked on version 5 and then 6 for a total of 6 years. My personal score is 4 stars based on my experience with the latest...Continue Reading
Support can retrieve salient logging data from massive distributed systems in seconds but deployment is not easy.Powered by IT Central Station
I've been using Splunk for over 3 years now. The most valuable feature for me is alerting. Using Splunk, production support teams can retrieve...Continue Reading
I've evaluated Splunk and IBM Q1 but LogLogic is the best choice for log management. SIEM funcionailty needs improvementPowered by IT Central Station
Rating: If considering only the log management functionality (collecting, storing, search engine, reporting, alerting, etc.), I would give it...Continue Reading
Manage Risk management and compliance
Learn to apply best practices and optimize your operations.
More organizations are realizing that strong incident response is the best way to prevent future attacks, but IR is still underfunded. In this installment of Future State, security expert Bruce Schneier lays out the state of IR today. Continue Reading
How stalwart is your information security strategy, exactly? Can it handle today's particularly malicious variety of security threats? Take our quiz to find out. Continue Reading
The increased use of consumer-centric devices in the workplace forces IT governance teams to re-examine new technology deployment strategies. Continue Reading
Problem Solve Risk management and compliance Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
Patrick Gilmore, CTO of the Markley Group, discusses how cloud providers and customers must work together to offset cloud security risk. Continue Reading
In this FAQ, learn how the Heartbleed vulnerability was discovered, the potential damage inflicted by the bug and advice to avoid security risks. Continue Reading
Security and compliance don't mean the same thing in Exchange deployments, but there are ways to make sure you have both. Continue Reading