Risk management and compliance news, help and research

Risk management and compliance News

September 11, 2020 11 Sep'20
Mega Hopex update focuses on aligning IT to business goals

Mega's Hopex upgrade adds IT Business Management, Information Architecture and Risk Management features designed to help users keep their technology in line with business goals.
February 07, 2019 07 Feb'19
Gartner: Expanding SOC capabilities a priority for enterprises

Reinvesting in SOCs and crafting clear risk appetite statements made the list of Gartner's top security and risk management trends. Experts sound off on what's driving these trends.
December 19, 2018 19 Dec'18
2018 articles spotlight innovation's cybersecurity and compliance risk

The top 2018 cybersecurity and compliance articles make a few things clear: digitization increases risk and requires innovative strategies to protect against evolving data threats.
October 31, 2018 31 Oct'18
Gartner Symposium 2018: 6 emerging trends in security

At Gartner Symposium 2018, analyst Peter Firstbrook highlighted the emerging trends in security that cybersecurity pros -- and their employers -- need to prep for in the next year.

Bring yourself up to speed with our introductory content

OPSEC (operations security)

OPSEC (operations security) is a security and risk management process and strategy that classifies information, then determines what is required to protect sensitive information and prevent it from getting into the wrong hands. Continue Reading
5 steps to achieve a risk-based security strategy

Learn about the five steps to implement a risk-based security strategy that will help naturally deliver compliance as a consequence of an improved security posture. Continue Reading
cloud security

Cloud security, also known as cloud computing security, is the practice of protecting cloud-based data, applications and infrastructure from cyberthreats and cyber attacks. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Exploring GRC automation benefits and challenges

Governance, risk and compliance is a crucial enterprise task but can be costly and time-consuming. This is where GRC automation fits in. Learn about its benefits and challenges. Continue Reading
The 6 benefits of zero-trust security for businesses

The zero-trust security model demands infosec leaders take a holistic approach to IT infrastructure security. Learn about the six business benefits of zero trust and how it differs from traditional security approaches. Continue Reading
MSPs expand into managed physical security services

Companies such as Deep Sentinel and Viakoo are tapping partners to deliver physical security services. Learn how MSPs are incorporating physical security into their offerings. Continue Reading

Learn to apply best practices and optimize your operations.

ICIP IoT training: Get started with IoT risk management

Organizations must assess and prioritize risk management in their IoT investment to ensure their data and information assets are protected without overspending. Continue Reading
Prep a compliance audit checklist that auditors want to see

Think your enterprise is ready for its compliance audit? Check off key points in this compliance audit preparation checklist to ensure it has all the resources needed to help auditors do their job. Continue Reading
How to protect workloads using a zero-trust security model

Never trust, always verify. Learn how to implement a zero-trust security model to help manage risk and protect IT workloads at your organization. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

5 steps to help prevent supply chain cybersecurity threats

Follow five steps to lower the risk of supply chain cybersecurity threats, from creating third-party risk management teams to using blockchain and hyperledger and more. Continue Reading
In comparing GDPR and CCPA, lessons in compliance emerge

In anticipation of the CCPA Jan. 1, 2020, implementation date, business leaders should understand the parallels between GDPR and CCPA to learn from the EU's GDPR rollout period. Continue Reading
Guide to identifying and preventing OSI model security risks: Layers 4 to 7

Each layer of the Open Systems Interconnection presents unique vulnerabilities that could move to other layers if not properly monitored. Here's how to establish risk mitigation strategies for OSI layer security in Layers 4 through 7. Continue Reading