Compliance

Compliance news, analysis, research, how-to, opinion, and video.

pci cloud
cloud head

fatigue

‘Compliance fatigue’ sets in

With compliance frameworks expanding, becoming more complicated and covering more things, some organizations say they are overwhelmed with trying to keep up. Experts are sympathetic, but say the alternative is to increase the risk of...

pci security compliance

Verizon report: Security testing compliance down from last year

Compliance rates between audits increased substantially across all PCI DSS requirements except for security testing, according to a report released Wednesday by Verizon. In particular, the ratio of companies compliant on Requirement...

Detail view of organized medical files    87333166

Anthem accused of avoiding further embarrassment by refusing audit

Anthem Inc., the nation's second largest health insurer, has refused a request for an IT Security audit citing corporate policy. This is the second time the organization has refused an audit request from the Office of Personnel...

evidence

Report says security breaches don't hurt business

A new report presents evidence that calls commonly held assertions about breaches into question. Here are some key findings with suggestions for discussion.

3 things CSOs can learn from CPOs

The role of the CSO and CIO has been changing dramatically and sometimes, it can be hard to keep up -- but there are some tricks that CSOs and CIOs can pick up from their Chief Procurement Officers.

law books on consumer protection 147082370

Cyberthreat sharing must include strong privacy protections, advocates say

Lawmakers will push for information-sharing legislation, but some groups want them to address past privacy concerns

121615 chrome ex primary

New Chrome extension spots unencrypted tracking

TrackerSSL is aimed at alerting websites of insecure tracking via Twitter

sitting on cloud

Do executives think you are relevant to cloud security decisions?

Findings from a recent report suggest the need to make some shifts to stay relevant in executive and board-level conversations about security

privacy info protect ts

People are increasingly worried about privacy, say legal protections fall short

Technology has had a negative impact on privacy, said a majority of those questioned in a recent global survey

hospital records

Why healthcare providers need to take HIPAA risk assessments seriously

It’s important to get an independent outside consultant to perform this critical assessment.

Digital globes composed of ones and zeros

Virtual machines could be the gold standard for network security

Design a VM gold image right, build in all the security and monitoring that you need, keep it maintained, build out all the documentation your organization might need for security and compliance. When the business needs a new server...

pci security compliance

5 ways PCI is becoming more security-conscious next year

The newest Payment Card Industry Data Security Standard, PCI DSS 3.0, is going into effect at the start of 2015, and it is all about security instead of compliance.

pci security compliance

5 PCI Compliance gaps

With the holiday shopping season coming up, and crooks lining up to take advantage of the stress and confusion, this is a good time for merchants to review their payment security procedures.

adobe logo

Adobe's e-reader software collects less data now, EFF says

Digital Editions 4.0.1 doesn't send data on e-books without DRM and uses encryption

Internet of Things hack security smart home

Industry can head off IoT privacy rules, former US official says

Connected devices raise new concerns about personal data

china icloud

China attacks lead Apple to alert users on iCloud threats

China has allegedly staged the attack, according to an anti-censorship group.

os x yosemite spotlight

Apple's Yosemite OS shares Spotlight search terms by default

An engineer who's studied the new OS criticized its privacy settings

students

Microsoft and other firms take pledge to protect student privacy

Fourteen companies have promised not to sell student data or use it for advertising

Load More