
All News

Poorly Managed Firewall Rule Sets Will Flag An Audit  May 23, 2012
Auditors and compliance managers alike are depending on firewall management principles and tools to cut through the complexity

Obama Cybersecurity Czar Schmidt Steps Down  May 17, 2012
Howard A. Schmidt, the first-ever U.S. cybersecurity coordinator, has resigned and will retire later this month to enter academia

10 Symptoms Of Check-Box Compliance  May 07, 2012
These telltale signs show you care more about what the auditors think than what the attackers do

How To Boost Enterprise Security Via FFIEC Compliance  April 24, 2012
The banking industry's security guidelines might be your ticket to building out your security strategy. Here's how

Compliance Policy Development Do's And Don'ts  April 23, 2012
Policies are the keystone to good GRC, but many organizations don't write them well

Making Compliance Work  April 17, 2012
New Dark Reading Alert offers closer look at the successes and failures of security compliance

Are Today's Risk Management Frameworks Antiquated?  April 10, 2012
5 ways ISACA is updating its compliance framework, COBIT, to keep up with business and risk demands

IT's Hottest 'Necessary Evil'  March 30, 2012
While IT security pros may still find themselves defending their roles, they're also in a good spot when it comes to compensation, with a median base salary bump for staffs up a tidy $7,000 this year, according to the new The InformationWeek 2012 U.S. IT Salary Survey: Security

Will New FTC Privacy Recommendations Challenge E-Commerce?  March 28, 2012
Privacy recommendations from the FTC have been both lauded and criticized, but also triggered talk on the impact of changing attitudes toward privacy

Risk And Regulatory Overload  March 27, 2012
New study finds organizations worried about risk and compliance, but struggling to manage it all

FTP Ubiquitous And Dangerously Noncompliant  March 26, 2012
Its ease of use and prevalence notwithstanding, old-fashioned FTP introduces compliance and security risks

Using FISMA To Build Your Security Initiative  March 14, 2012
Government compliance standards can help drive improvements in enterprise security

Keeping Compliance Costs Down With Data Classification  March 12, 2012
Know what data is where to reduce compliance burden

Don't Let Data Drive Your Compliance Efforts  March 05, 2012
Compliance continues to be a driver for many security programs, but not necessarily for the right reason, says former NSA analyst and current Accuvant GRC guru Doug Landoll in an interview at the RSA Conference

EU's More Stringent Data Privacy Proposal Poses Challenges For Businesses  January 25, 2012
Proposed changes to data privacy laws in Europe have garnered mixed praise

The Day (Some Of) The Web Went Dark   January 18, 2012
Online protests today of SOPA/PIPA legislation blur future of anti-piracy efforts as several legislators back down

Top 10 PCI Compliance Mistakes  January 16, 2012
Configuration mistakes, access control gaffes and scoping issues top the list of common PCI errors

Using HIPAA To Advance Your Security Initiative  January 13, 2012
Healthcare compliance requirements can be a driver to improve your organization's overall security. Here's how

Three Surefire Ways To Tick Off An Auditor  January 03, 2012
Avoid these common mistakes to improve your chances for a smooth compliance audit

How Ready Are Banks For FFIEC?  December 19, 2011
Confusion abounds about new Federal Financial Institutions Examination Council (FFIEC) Supplement to the Authentication in an Internet Banking Environment

10 Best Practices For Meeting SOX Security Requirements  December 15, 2011
Sarbanes-Oxley regulations remain one of security's biggest drivers in public companies. Here are some tips on how to keep your organization in compliance

2012 Compliance Checklist  December 05, 2011
Security professionals need to consider these best practices and new compliance requirements as they ring in a new year.

PCI Rules Apply Even On Black Friday  November 23, 2011
Uptime may be the name of the game during the holiday shopping season, but retailers need to balance the focus with security and compliance best practices

Financial Institutions Shoring Up Compliance Plans For FFIEC Deadline  November 07, 2011
Most large to mid-size banks are well on their way with at least a road map to comply with tougher FFIEC authentication and anti-fraud guidelines

PCI Council Pegs Success On Community Involvement  October 27, 2011
The PCI Security Council celebrates its fifth anniversary this year with greater industry collaboration and more work ahead



Compliance Reports

How To Boost Security Via FFIEC Compliance
With just a smartphone, users can conduct nearly all their banking business at any time of the day or night. However, all this flexibility and convenience opens up new avenues for fraud and cybercrime. Guidelines laid out by the FFIEC several years ago predate many of the capabilities--and vulnerabilities--that are in place today. In this report, we examine the latest guidelines and provide advice on how you can extend the work done to comply with FFIEC guidelines to strengthen your organization's overall security posture and keep customers and their data safe.

Keeping Compliance In Check
Configuration mistakes, access control gaffes, poor documentation--it doesn't take much for a compliance audit to go all wrong. In this special retrospective of recent news coverage, Dark Reading takes a look at the costs, common missteps and best practices for compliance, as well as the day the Internet nearly went dark due to the threat of new regulations.

FISMA Lifts All Compliance Boats
FISMA may not be on your radar now, but it likely will be at some point. Geared specifically toward the federal government and its affiliate agencies and third parties, FISMA is a very specific set of requirements aimed at establishing and maintaining at least a baseline level of computer and network security. FISMA requires unique categorization and classification of information assets, not to mention a boatload of documentation to prove compliance. But once your organization achieves FISMA compliance, it will likely be compliant with just about every security mandate out there.


Related Content

Log Management in 2012 and Beyond
2012 brings interesting changes to the log management world. Now, more than ever, it is critical to understand the impact to your log infrastructure and the solutions that will better prepare you to manage your security posture.

SANS Log Management Survey Report
Organizations are increasingly dependent on log management to support core business functions, including cost management, service level and line-of-business application monitoring, as well as traditional IT- and security-focused activities.

Cut the Time and Effort of Troubleshooting and Reporting
Organizations generate millions of logs a day and struggle with centralized collection, storage and analysis of those logs. ArcSight Logger is a universal log management solution that unifies searching, reporting, alerting and analysis across any type of IT data. It consolidates silos of logs into a single indexed repository for fast detection and mitigation of operational issues.

Get Turnkey and Automated PCI Compliance
PCI compliance monitoring is seamless with the self-contained ArcSight PCI Logger solution for log collection, storage and analysis. No database administration expertise is required and a web-based interface simplifies deployment and ongoing management.

Swiss Bank Meets Compliance Requirements and Protects Customer Data
Due to long-term data retention requirements, Swiss bank EFG needed a cost-effective way to collect, secure and store audit-quality log data in an easily accessible log repository. ArcSight Logger helps EFG meet key requirements of Switzerland's banking laws fast and cost-effectively.



