Vulnerability assessment for compliance
- December 09, 2009
The U.S. House of Representatives passed the Data Accountability and Trust Act (DATA), H.R. 2221, the first step toward a comprehensive national data breach notification law.
- October 06, 2009
Emerging technologies that allow users to broadcast geographic locations raise many issues for companies, CIOs, while legislatures and the FTC consider legal aspects.
- August 04, 2009
There's likely peer-to-peer file sharing in your network, posing major IT security and privacy risks. The question is whether new laws or better scrutiny will solve this problem.
- July 28, 2009
Traditionally adversaries, CISOs and auditors can leverage each other's skills to move toward a risk-based approach to compliance.
- July 15, 2009
Sometimes it takes a crisis to build an information security program. Eric Cowperthwaite, CISO at Providence Health & Services, attests to that and has advice on security maturity.
- May 18, 2009
Cloud computing is merely the latest form of application hosting, but clouds disassociated from a company's physical assets pose critical questions about third-party compliance.
- April 30, 2009
Enterprises seeking to enter the cloud and remain both secure and compliant within regulatory guidelines were the subject of a panel at the RSA Conference.
- April 27, 2009
The Information and Communications Enhancement (ICE) Act would create a White House "cyber office" that would coordinate between government agencies and the private sector.
- October 03, 2008
The Consensus Controls project aims to provide organizations with a peer review system for IT controls.
- March 27, 2008
More than 4 million credit and debit card numbers were pilfered over three months from Hannaford Bros. Co. supermarket chain. The lesson for CIOs? A PCI checklist is not enough.