Poor application security creates supply chain risk, security threat
Facing uncertainty, IT turns to governance, risk and compliance, ERM
Google adds Dashboard: Does transparency mean more online privacy?
NERC CSO warns of cybersecurity threats, risk to electric grid
McCain answers new FCC net neutrality rules with Internet Freedom Act
SAP sees green in sustainability software for carbon compliance
ISO 27001 certification not enough for verifying SaaS, cloud security
Electronic privacy integral to identity management standards, says DHS
GPS devices, geolocation data create privacy, security risks
Data breach notification law SB 20 strikes right balance: Simitian
HITECH moves electronic health records forward; standards to come
Mass. data protection regulation passes big test in public hearing
Healthcare, cybersecurity policy and privacy on legislative agenda
Survey shows privacy policy success lies in collaboration with IT
Record locator service a step to health information exchange
OpenID federated identity framework set for .gov authentication pilot
U.S. CIO Vivek Kundra on Data.gov, OpenID and government transparency
FTC pursuing HIPAA violations as a matter of consumer protection
New HIPAA data breach notification rules put health industry on notice
Mass. data protection law requirements amended, deadline extended
Security and privacy top IT agenda for Massachusetts CIO
The Web of social media and compliance: Online privacy regulations
The Web of social media and compliance: The ECPA and online privacy
The Web of social media and compliance: Online privacy policy
U.S., EU personal data protection laws make e-discovery risky
Security concerns may mean peer-to-peer file sharing days are over
How CISOs can leverage the internal audit process
Implementing compliance with the Massachusetts data protection act
Mass. officials, compliance officers debate data protection law
How to build a mature information security program: A crisis helps
Compliance concerns dog enterprise 2.0 collaboration platforms
Strategic risk management includes risk-based approach to compliance
Scale aside, cloud computing compliance still worries IT managers
Twitter security risks, popularity spark regulatory concerns
Is all the PCI DSS compliance whining and complaining justified?
Top regulatory compliance trends that will affect IT in 2009
SEC commish, FINRA head: Reform financial services regulations
Financial crimes resulting in increased compliance enforcement
Ex-SEC chief Pitt decries state of Sarbanes-Oxley and risk management
Startup helps turn carbon footprint management into cost savings
Open Group releases log management update, risk management guide
Cloud computing forecast: Some risk ahead
Mass. Senate seeks to amend, weaken data breach notification law
Voices from RSA: McAfee's George Kurtz on compliance strategy
Voices from RSA: CA's Dave Hansen on compliance strategy
Biometric security data adds layer of privacy compliance risk
Cloud computing providers debate compliance, security and transparency
ICE Act would restructure cybersecurity rule, create White House post
Kill-switch bill would add certification, licensing burdens
Panels describe risks of noncompliance with Mass. data protection law
Recovery Act puts teeth in HIPAA regulations
Five steps to get started with a GRC program
How State Farm saves millions on electronic data discovery
Economic downturn won't kill regulatory compliance projects
GRC software alone won't break down risk management silos
Compliance management: GRC software may not be the answer
Hacked dental school server compromises 300,000
Kazeon introduces federated electronic discovery tool for remote data
IRS faulted for lax security controls, dangerous data risks
Compliance management: How to keep the IT auditors away
How the SEC's proposed IFRS will affect your accounting systems
Electronic health record adoption an issue for health care CIOs
Consensus Controls project aims to set benchmarks for compliance
Electronic records retention: What's your company policy?
Identity management begins with the roles people play
Google amends log retention rules, privacy advocates respond
Software audit painful and costly for the noncompliant
SEC filings may soon require XBRL -- to your advantage
Clearwell makes its electronic discovery search more transparent
PCI groups to focus on wireless, pre-authorization changes
Organization develops health care security framework
Digitized data creates storage management and compliance challenges
E-records management moves up the state CIO agenda
Security monitoring tools: Better to buy than build?
HP targets compliance officers with refreshed database archiving software
Pre-emptive strategy best approach to breach notification
Compliance-burdened CIOs turning to security management tools
PCI compliance a good start, but not enough
School districts wrestling with ABCs of electronic discovery, compliance
Health care new vertical sweet spot for security vendors
Log management vendors offer affordable compliance products
An IT auditor among us
Medical device makers tackle FDA rules with PLM
The State of State Security Breach Notification Laws