Welcome Guest. | Log In | Register | Membership Benefits

All NewsFeed

PCI Council Introduces New Certification & Training Program May 10, 2012
Council to provide training on secure installation of payment applications to support merchant PCI DSS compliance efforts

SureCloud Launches Unified Compliance Platform April 24, 2012
SaaS solution helps midmarket organizations automate and simplify security and compliance processes

Visa Strategy Manager Boosts Issuer Fraud Detection April 11, 2012
Helps issuers better pinpoint and stop fraud before it happens

LockPath Releases Version 2.3 Of Keylight Platform April 10, 2012
Keylight 2.3 gives users more flexibility when importing data into Dynamic Content Framework (DCF) tables

Information Security Forum Launches Threat Horizon 2014 March 28, 2012
Report challenges the traditional approach to managing security risks

Uncertainty Brings Heightened Risk Awareness In New Era, Says PwC US March 28, 2012
First annual report, titled Risk in Review, examines the state of global risk and discusses risk management approaches

Computop Launches Global PoS Network March 13, 2012
Computop Global PoS Network integrates MagTek IPAD EMV terminals with Paygate 5.0 to remove the need to receive actual card data during a PoS transaction in-store

Tufin Survey On Proposed Changes To EU Data Protection Laws Highlights Need To Automate Compliance Audits March 01, 2012
Tufin also asked respondents what they felt was best way to reduce the risk of a fine due to noncompliance

Proofpoint Extends Data Protection And Information Governance Solutions to Address Cloud-Based File Sharing, Collaboration And Social Media February 28, 2012
Proofpoint also announced a new integration with Box to offer enhanced security, compliance and control over documents shared via Box

Rapid7 And Modulo Deliver Integrated Vulnerability Risk And IT GRC Solutions To Empower Risk Management Programs February 27, 2012
As part of the alliance, the companies also announced that penetration testing risk data will be integrated in Q3 2012

nCircle And Core Security Announce Partnership February 27, 2012
Companies to integrate cloud, virtual and appliance solutions, and jointly go to market

Layered Tech Becomes First Hosting And Cloud Provider Offers Compliance Guarantee February 16, 2012
Company is adding an SLA so that all of its compliance services are guaranteed to pass 100 percent of every audit or assessment

Symantec Control Compliance Suite 11 Release February 14, 2012
Symantec Control Compliance Suite 11 features the new Control Compliance Suite Risk Manager module

ID Experts Announces New Breach Product February 14, 2012
RADAR 2.0 meets federal and state risk assessment and reporting requirements for privacy, security, and data breach incidents

ControlScan Launches ProTect Managed Security Services February 10, 2012
Service improves the security of websites and Web applications

Infoblox And CA Technologies Deliver Network Automation And Compliance Capabilities January 30, 2012
Infoblox Trinzic NetMRI is being bundled and integrated into the CA Unified Automation portfolio

SITA First To Achieve PCI Security Compliance For Passenger Processing January 19, 2012
Visa Inc. confirms SITA as PCI Compliant Global Service Provider for its common-use platform

Symantec Announces Intelligent Information Governance To Mitigate Risks And Free Information January 17, 2012
In addition, Symantec also announced the acquisition of LiveOffice

Free PCI Compliance Task List Provides Structure To Help Maintain PCI Security Standards January 11, 2012
Free whitepaper from KSC Enterprises can help ID deficiencies in existing process

Columbia Sportswear Leverages Tokenization And Encryption To Reduce PCI Scope January 11, 2012
will be implementing an integrated point-to-point encryption payment solution from Merchant Link, Equinox and Voltage Security

New Tokenization White Paper Answers Merchant Questions On PCI DSS Guidelines And Scope Reduction December 22, 2011
Paper provides practical guidance to merchants on how to use tokenization to reduce scope

Financial Institutions Will Be Rushing To Conform To New FFIEC Online Banking Security Expectations December 15, 2011
Majority of institutions plan to invest in online banking defenses, but nearly half are unclear on FFIEC’s minimum expectations for layered security

Syncplicity Launches Security And Compliance Console December 14, 2011
Syncplicity Security and Compliance Console enables native support for single sign-on

PCI Security Standards Council Announces Special Interest Groups November 15, 2011
Cloud computing, e-commerce security, and risk assessment voted priority issues by PCI community

Children's Hospital Oakland Research Institute Deploys Centrify To Centrally Manage Security And HIPAA Compliance November 09, 2011
Centrify Suite 2012 solution to centralize all security and policy controls for center's growing Macintosh and Linux user populations

Compliance Reports

How To Boost Security Via FFIEC Compliance
With just a smartphone, users can conduct nearly all their banking business at any time of the day or night. However, all this flexibility and convenience opens up new avenues for fraud and cybercrime. Guidelines laid out by the FFIEC several years ago predate many of the capabilities-and vulnerabilities-that are in place today. In this report, we examine the latest guidelines and provide advice on how you can extend the work done to comply with FFIEC guidelines to strengthen your organization's overall security posture and keep customers and their data safe.

Keeping Compliance In Check
Configuration mistakes, access control gaffes, poor documentation--it doesn?t take much for a compliance audit to go all wrong. In this special retrospective of recent news coverage, Dark Reading takes a look at the costs, common missteps and best practices for compliance, as well as the day the Internet nearly went dark due to the threat of new regulations.

FISMA Lifts All Compliance Boats
FISMA may not be on your radar now, but it likely will be at some point. Geared specifically toward the federal government and its affiliate agencies and third parties, FISMA is a very specific set of requirements aimed at establishing and maintaining at least a baseline level of computer and network security. FISMA requires unique categorization and classification of information assets, not to mention a boatload of documentation to prove compliance. But once your organization achieves FISMA compliance, it will likely be compliant with just about every security mandate out there.