CSOONLINE.com - Audit
http://www.csoonline.com/
en_us
(c) Copyright 2009 CXO Media, Inc. All Rights Reserved.
Sat, 21 Nov 2009 12:18:16 GMT

The Mass. 201 CMR 17 Survival Guide
http://www.csoonline.com/article/508039/The_Mass._201_CMR_17_Survival_Guide?source=rss_audit
As companies scramble to meet the requirements of the Bay State's data security law, CSOonline.com offers this collection of articles and podcasts to help IT security practitioners and compliance officers find the best approach.
Wed, 18 Nov 2009 05:00:00 GMT, Bill Brenner

The Patch Tuesday Survival Guide
http://www.csoonline.com/article/504977/The_Patch_Tuesday_Survival_Guide?source=rss_audit
Overwhelmed by Tuesday's security patch avalanche from Microsoft and Adobe? Here's a collection of articles that will help you approach patch management with sanity.
Wed, 14 Oct 2009 04:00:00 GMT, Bill Brenner

Why Pen Testing Is Central to Pennsylvania's App Security
http://www.csoonline.com/article/503004/Why_Pen_Testing_Is_Central_to_Pennsylvania_s_App_Security?source=rss_audit
In this Q&A, Commonwealth of Pennsylvania CISO Robert Maley explains why penetration testing has become an essential tool in his security arsenal.
Wed, 23 Sep 2009 04:00:00 GMT, Bill Brenner

4 Ways to Get the Most from Your PCI QSAs
http://www.csoonline.com/article/501663/4_Ways_to_Get_the_Most_from_Your_PCI_QSAs?source=rss_audit
In response to Heartland CEO Robert Carr's claim that his qualified security assessors (QSAs) missed key weaknesses during a PCI security audit of his company, security experts offer tips to get the most from an assessment.
Wed, 09 Sep 2009 04:00:00 GMT, Bill Brenner

One Man's View: Heartland CEO Must Accept Responsibility
http://www.csoonline.com/article/499565/One_Man_s_View_Heartland_CEO_Must_Accept_Responsibility?source=rss_audit
Security Incite's Mike Rothman read our interview with Heartland's CEO and didn't like it one bit. Here's why.
Thu, 13 Aug 2009 04:00:00 GMT

PCI, QSAs, Hackers, and Slackers: Will the Real Enemy Please Stand Up?
http://www.csoonline.com/article/499583/PCI_QSAs_Hackers_and_Slackers_Will_the_Real_Enemy_Please_Stand_Up_?source=rss_audit
CSO Senior Editor Bill Brenner dives into a contentious debate over the Heartland CEO's tirade against QSAs and searches for reason. Will he find it?
Thu, 13 Aug 2009 04:00:00 GMT, Bill Brenner

Mass 201 CMR 17: A Survival Guide for the Anxious
http://www.csoonline.com/article/497934/Mass_201_CMR_17_A_Survival_Guide_for_the_Anxious_?source=rss_audit
Security experts offer tips for navigating Mass 201 CMR 17. Will your business be ready?
Thu, 23 Jul 2009 04:00:00 GMT, Bill Brenner

Sue the Auditor and Shut Down the Firm
http://www.csoonline.com/article/496923/Sue_the_Auditor_and_Shut_Down_the_Firm?source=rss_audit
Rothke and Mundhenk: "We are all in favor of throwing incompetent auditors to the dogs. Conversely, any organization that refuses to remediate security gap findings should be given an injunction"
Thu, 09 Jul 2009 04:00:00 GMT

Top 10 Reasons the Firewall Guy's Hair is on Fire
http://www.csoonline.com/article/496085/Top_10_Reasons_the_Firewall_Guy_s_Hair_is_on_Fire?source=rss_audit
The firewall is a mature technology, right? Then why do those who manage it feel like they're running a daycare overrun with little savages?
Fri, 26 Jun 2009 04:00:00 GMT

PCI Security Pain: Amid Recession, Merchants Struggle to Comply
http://www.csoonline.com/article/495866/PCI_Security_Pain_Amid_Recession_Merchants_Struggle_to_Comply?source=rss_audit
With the recession drying up compliance budgets, merchants send PCI Security Standards Council General Manager Bob Russo a letter asking for help (includes audio).
Thu, 25 Jun 2009 04:00:00 GMT, Bill Brenner

Social Engineering: 5 Security Holes at the Office (Includes Video)
http://www.csoonline.com/article/494464/Social_Engineering_5_Security_Holes_at_the_Office_Includes_Video_?source=rss_audit
We poked around a secure building with social engineering expert Chris Nickerson and found several ways a criminal could get inside and access sensitive data.
Mon, 08 Jun 2009 04:00:00 GMT, Joan Goodchild

Social Engineering: The Fine Art of BS, Face to Face (Includes Video)
http://www.csoonline.com/article/494463/Social_Engineering_The_Fine_Art_of_BS_Face_to_Face_Includes_Video_?source=rss_audit
A confrontation with a facilities manager demonstrates social engineers' complete comfort dealing with (and manipulating) conflict.
Mon, 08 Jun 2009 04:00:00 GMT, Joan Goodchild

Information Systems Audit: The Basics
http://www.csoonline.com/article/492804/Information_Systems_Audit_The_Basics?source=rss_audit
What should you expect from an IS audit? Jennifer Bayuk spells out the audit process, step by step.
Mon, 18 May 2009 04:00:00 GMT

Where PCI DSS Still Falls Short (and How to Make it Better)
http://www.csoonline.com/article/491173/Where_PCI_DSS_Still_Falls_Short_and_How_to_Make_it_Better_?source=rss_audit
Former CISO and Symantec strategic consulting director Ariel Silverstone goes through PCI DSS line by line and offers suggestions to make it more effective.
Wed, 29 Apr 2009 04:00:00 GMT

3 Ways Pen Testing Helps DLP (and 2 Ways It Doesn't)
http://www.csoonline.com/article/487238/3_Ways_Pen_Testing_Helps_DLP_and_2_Ways_It_Doesn_t_?source=rss_audit
Orbitz CISO Ed Bellis says penetration testing is a valuable tool in his data loss prevention arsenal. But it won't help him find everything.
Mon, 30 Mar 2009 04:00:00 GMT, Bill Brenner