Dora Gomez of the Association of Certified Fraud Examiners discusses why security professionals should set up a framework to deal with changing regulations and threats.
Regulatory compliance and technology innovation are making security more complex, so organizations need to look beyond technical base measures for metrics, says SAI Global's Andrew Bissett.
Information security program development and maintenance continues to reside at the core of good response, incident management and overall information security program capability. In the current landscape, where the cyber threat consists largely of a growing and persistent threat of fraud and the potential for a...
Look at information security through the lens of business risk, and you'll begin to make decisions about security in light of their impact on the business. With security threats emerging faster than ever, what information is most important to protect? What happens if it's not protected? What strategic business...
Ira "Gus" Hunt, a security expert who was formerly CTO at the CIA, analyzes why many large healthcare provider organizations plan to boost cybersecurity spending in 2018 and discusses the role of emerging technologies.
Mobile capture is quickly becoming an important differentiator for many companies and organizations, especially those in traditionally document-intensive fields like banking, insurance, healthcare and government operations. According to a 2014 study conducted by AIIM, 45% of companies feel that mobile capture is...
Organizations collect a wealth of information as part of their governance, risk and compliance programs, and security professionals are missing out on important insights if they don't take advantage of it.
Organizations generally do a good job focusing on governance, risk and compliance. But breaches add up, and LockPath CEO Chris Caldwell wonders "Where is the 'S' in GRC?" - where is the security?
Automating governance, risk and compliance reduces vulnerabilities that can have an adverse impact on the bottom line, says Sergio Thompson-Flores, chief executive of Modulo, a provider of GRC offerings.
By December 6, 2011, all federal agencies must develop a compliance plan for how they will identify and protect Controlled Unclassified Information (CUI). Is your agency ready?
In this white paper, Patricia Hammar, executive secretary of the CUI Presidential Task Force, provides expert advice on developing a CUI...
This white paper details solutions designed for government agencies that provide the visibility, control and automation needed to support asset management across the IT asset life cycle, planning, acquisition, management and disposition of software, hardware and related licenses.
The result is lower asset costs,...
As government and state agency budgets fluctuate the demand for security has never been more important. Increasing regulations, differing requirements from international locales, and sophisticated attacks all contribute to serious challenges that call for thorough security solutions. Red Hat has deep security...
Oregon state agencies are coming together to develop a centralized plan, ending a previously siloed approach, to simplify compliance with Internal Revenue Service rules to safeguard taxpayer data, says state CISO Theresa Masse.
Documenting procedures for the State Department's custom-made, continuous-monitoring tool known as iPost will help ensure that the data collected are appropriately used to protect the agency's global IT system, a GAO audit says.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.
