IT AUDIT Articles
RSA 2010: Why 41 Percent of You Would Fail a PCI Audit
Miscellaneous news bytes from the RSA 2010 press room: QSAs tell Ponemon Institute that 41 percent of companies would bomb their PCI security audit; hackers industrialize their sinister revolution; and VeriSign opens a new compatibility lab.
Five Security Missteps Made in the Name of Compliance
In the hurry to meet a regulatory compliance deadline, companies risk making some costly security mistakes. Here are five examples.
Report: Layer 7 Increasingly Under DDoS Gun
A new report shows an upward trend where attack tools exploit layer 7 to maximize the impact of DDoS assaults. Here's what you can do to blunt the threat.
Internal Investigations: The Basics
Internal investigations must uncover the truth about misconduct or fraud without damaging innocent employees. Here are the basics of how to plan and conduct a successful internal investigation.
The Great PCI Security Debate of 2010: Transcribed
For those who prefer to read as well as listen, here's a partial transcript of the PCI security debate that appeared on CSO Senior Editor Bill Brenner's Security Insights podcast and Martin McKeay's Network Security podcast.
PCI DSS, Come Forward and Be Judged
CSO Senior Editor Bill Brenner explains how seven IT security guys with differing views on the value of the PCI Data Security Standard came together for the mother of all debates. Before you get to hear the debate next week, go to the bottom of this article and get your PCI DSS primer.
Compliance as Security: The Root of Insanity
BT's Jason Stradley on how companies lose their way by confusing a completed compliance checklist with ironclad security.
The Mass. 201 CMR 17 Survival Guide
As companies scramble to meet the requirements of the Bay State's data security law, CSOonline.com offers this collection of articles and podcasts to help IT security practitioners and compliance officers find the best approach.
The Patch Tuesday Survival Guide
Overwhelmed by Tuesday's security patch avalanche from Microsoft and Adobe? Here's a collection of articles that will help you approach patch management with sanity.
Why Pen Testing Is Central to Pennsylvania's App Security
In this Q&A, Commonwealth of Pennsylvania CISO Robert Maley explains why penetration testing has become an essential tool in his security arsenal.
