Industry specific requirements for compliance
- September 15, 2009
A government authentication test of the OpenID identity framework could usher in the beginnings of the "identity economy."
- September 11, 2009
U.S. CIO Vivek Kundra explains how the federal government is working toward transparency and data sharing in a video interview from the Gov 2.0 Summit.
- August 20, 2009
The nation's most comprehensive data protection law is refocused on risk, not prescriptive controls.
- June 18, 2009
Retailers are revolting against the PCI Council, calling for reform of PCI DSS compliance regulations, but security is simply part of the cost of doing business in today's world.
- June 16, 2009
The leading regulatory compliance trends for IT managers to watch in the second half of the year include new regulations and tougher enforcement of existing regulations.
- June 01, 2009
Software that helps optimize an organization's carbon footprint, water usage, energy usage and waste management can improve operations and save an enterprise real money.
- May 18, 2009
Cloud computing is merely the latest form of application hosting, but clouds disassociated from a company's physical assets pose critical questions about third-party compliance.
- May 14, 2009
A bill being discussed in the Massachusetts Senate proposes major changes to the state's data breach notification law, including encryption requirements and the law's jurisdiction.
- May 01, 2009
In this podcast, Dave Hansen offers perspectives, experience and useful advice of enterprise CIOs and CISOs tasked with managing compliance requirements.
- April 27, 2009
The Information and Communications Enhancement (ICE) Act would create a White House "cyber office" that would coordinate between government agencies and the private sector.
- February 17, 2009
A unified approach to GRC is easier said than done. In the first of our GRC Starting Gate series, a compliance expert lays out a roadmap based on a project with a major utility.
- August 21, 2008
The PCI Security Standards Council has started two special interest groups to focus on pre-authorization and wireless security issues.
- July 21, 2008
A new framework aims to help health care organizations deal with multiple requirements and provide specifics lacking in HIPAA.
- June 27, 2008
The PCI DSS 6.6 requirement moves from best practices to requirement June 30, 2008. Were you prepared?
- April 22, 2008
Notification law isn't something to learn on the fly. Drafting a post-data breach plan ahead of time could help save face as much as legal wrangling.