Dark Reading's Compliance Tech Center is your portal to all the news, guidelines, product information, technical recommendations, and other information related to the topic of security and industry/regulatory compliance. Written for those who manage compliance programs as well as security and IT professionals, the Compliance Tech Center is a single community dedicated to the discussion of security issues as they relate to compliance with common regulations, including PCI DSS, HIPAA, SOX, FFIEC, GLBA, NERC, FISMA, and other industry/regulatory standards.
Avoid Putting IT In A GRC Vacuum
When infosec pros are asked to set security and compliance policies with no line-of-business input, problems are inevitable
Big Data Could Create Compliance Issues
The bigger data sets grow, the harder compliance could become
EU's More Stringent Data Privacy Proposal Poses Challenges For Businesses
Proposed changes to data privacy laws in Europe have garnered mixed praise
Total Annual Budget For Compliance Activities, 2011

Source: PriceWaterhouseCoopers 2011 State of Compliance Study, Broader perspectives; higher performance. State of Compliance: 2011 Study
Compliance is not a tool for dodging work or dismissing business needs
PR NEWSWIRE
HITECH Act Puts Security Of Electronic Medical Records In The Hands Of Hosting Providers
Hosting providers now responsible for more control, auditing and reporting
PAYMENTS SOURCE
Special Groups Let PCI Council Focus On Pressing Security Needs
With 700 members, group seeks out methods to manage standards process
OFFICE OF INADEQUATE SECURITY
DHS Official Says ISPs Would Likely Be Covered By Obama Cybersecurity Plan
ISPs would be among private sector companies that would be subject to federal oversight
BANK DIRECTOR
Can Technology Ease The Compliance Burden?
Many banks are developing new techniques, technologies for tracking and managing compliance
OFFICE OF INADEQUATE SECURITY
Data Breach Disclosures May Decline By 50 Percent Under Proposed Bills
National bill would raise the trigger for disclosure, experts say
HEALTH LEADERS
HIPAA Auditor Involved In Own Data Breach
Company hired to do audit loses unencrypted flash drive containing more than 4,500 patient records
THREAT POST
Are Anonymous Members Formed In The Crucible Of IT Compliance?
Some experts posit that Anonymous could be made up of security professionals frustrated by the hamstrings of compliance and auditing
GOVERNMENT INFO SECURITY
GAO, State Department Clash Over IT Security Documentation
State says documentation counters the spirit of continuous monitoring
Security Via HIPAA Compliance
IT organizations in the healthcare industry can make tremendous progress on security initiatives using the HIPAA Security Rule for leverage. Here are some insights on how compliance initiatives can be the catalyst you need to build out your organization's IT security program.
Security via SOX Compliance
The effort to achieve and maintain compliance with Sarbanes-Oxley requirements remains one of the primary drivers behind many IT security initiatives. In this report, we share 10 best practices to meet SOX security-related requirements and help ensure you'll pass your next compliance audit.
Security via PCI Compliance? Yes, If You Play Your Cards Right
By teaming up with peers on the compliance side, doing appropriate scoping and preparation, and paying attention to emerging standards, security practitioners can leverage PCI compliance activities to improve the security game of the company as a whole.
Sponsored by:
IT Operations Strategies: Manage Applications, Servers and Enterprise Infrastructure
Cut the time and effort of troubleshooting and reporting. ArcSight Logger provides better visibility into IT data to help manage applications, servers and enterprise infrastructure.
Log Management Facilitates IT Operations
Governments and businesses are increasingly vulnerable to cyber-attacks by hackers, malware and malicious insiders. Learn how logs can be used for forensic analysis of cyber-security incidents. Get the key requirements for a universal log management solution and discover how ArcSight Logger delivers on those requirements.
Cost-effectively Automate PCI Audits
Get turnkey and automated PCI compliance. ArcSight PCI Logger is an all-in-one log collection, storage and analysis solution for cost-effective automation of PCI audits and proactive protection of cardholder data.
Priority Health Combats Major Security Issues
Priority Health's ArcSight ESM deployment immediately addressed its most serious security issues. Data from firewalls, syslogs, IDS and Web servers was integrated into a single console -- providing much-needed visibility across the organization.
Case Study: Fiserv Tackles Compliance Challenges
ArcSight Logger makes it possible for Fiserv to quickly sift through terabytes of log data and isolate log events needed for compliance.