Compliance

Compliance news, analysis, research, how-to, opinion, and video.

SAFETY Act liability shield starts showing cracks

This week, Salted Hash has examined the Department of Homeland Security's (DHS) SAFETY Act, and FireEye's promise to customers that their certification under the act provides them protection from lawsuits or claims alleging that the...

FireEye offers new details on customer liability shields under the SAFETY Act

On Friday, Salted Hash explored the announcement from FireEye that their customers now have a liability shield due to being certified by the Department of Homeland Security (DHS) under the SAFETY Act. Now the company has released...

FireEye customers get liability shield thanks to SAFETY Act

Last week, the Department of Homeland Security (DHS) certified FireEye under the SAFETY Act, providing their customers protection from lawsuits or claims alleging that the products failed to prevent an act of cyber-terrorism.

3 experts teach you how to properly scope your PCI assessment

When it comes to PCI, getting your scope right is more important than just getting a cheaper, faster assessment. Learn how to do it right with insights from 3 experts.

A CISO reveals why the cloud is your secret weapon for faster, better, and cheaper PCI audits

Combining cloud with PCI is the recipe Joan Pepin, CISO of SumoLogic, used to achieve compliance faster, cheaper, and better. Here is what she did.

Your guide to compliance in the cloud

You can ensure cloud compliance with PCI DSS, HIPAA and other regulatory requirements, but it takes investigation and persistence to get the answers and documentation you need to prove it.

‘Compliance fatigue’ sets in

With compliance frameworks expanding, becoming more complicated and covering more things, some organizations say they are overwhelmed with trying to keep up. Experts are sympathetic, but say the alternative is to increase the risk of...

Verizon report: Security testing compliance down from last year

Compliance rates between audits increased substantially across all PCI DSS requirements except for security testing, according to a report released Wednesday by Verizon. In particular, the ratio of companies compliant on Requirement...

Anthem accused of avoiding further embarrassment by refusing audit

Anthem Inc., the nation's second largest health insurer, has refused a request for an IT Security audit citing corporate policy. This is the second time the organization has refused an audit request from the Office of Personnel...

Report says security breaches don't hurt business

A new report presents evidence that calls commonly held assertions about breaches into question. Here are some key findings with suggestions for discussion.

3 things CSOs can learn from CPOs

The roles of the CSO and CIO have been changing dramatically, and sometimes it can be hard to keep up, but there are some tricks that CSOs and CIOs can pick up from their Chief Procurement Officers.

Cyberthreat sharing must include strong privacy protections, advocates say

Lawmakers will push for information-sharing legislation, but some groups want them to address past privacy concerns

New Chrome extension spots unencrypted tracking

TrackerSSL is aimed at alerting websites of insecure tracking via Twitter

Do executives think you are relevant to cloud security decisions?

Findings from a recent report suggest the need to make some shifts to stay relevant in executive and board-level conversations about security

People are increasingly worried about privacy, say legal protections fall short

Technology has had a negative impact on privacy, said a majority of those questioned in a recent global survey

Why healthcare providers need to take HIPAA risk assessments seriously

It’s important to get an independent outside consultant to perform this critical assessment.

Virtual machines could be the gold standard for network security

Design a VM gold image right, build in all the security and monitoring that you need, keep it maintained, build out all the documentation your organization might need for security and compliance. When the business needs a new server...

5 ways PCI is becoming more security-conscious next year

The newest Payment Card Industry Data Security Standard, PCI DSS 3.0, is going into effect at the start of 2015, and it is all about security instead of compliance.
