Compliance
Compliance with corporate, government and industry standards and regulations is critical to meet business goals, reduce risk, maintain trust and avoid fines. Get advice on audit planning and management; laws, standards and regulations; and how to comply with GDPR, PCI DSS, HIPAA and more.
Top Stories
-
Tip
09 Sep 2024
How to create an AI acceptable use policy, plus template
With great power comes -- in the case of generative AI -- great security and compliance risks. Learn how an AI acceptable use policy can help ensure safe use of the technology. Continue Reading
By- Jerald Murphy, Nemertes Research
-
News
28 Aug 2024
Infosec experts applaud DOJ lawsuit against Georgia Tech
The Department of Justice joined a whistleblower lawsuit against Georgia Tech for allegedly misleading the Department of Defense about its cybersecurity posture. Continue Reading
By- Arielle Waldman, News Writer
-
Guest Post
04 Mar 2021
Rebuild security and compliance foundations with automation
Instead of patchwork security fixes, financial organizations need to embrace automation, create and deploy secure software and address implementation problems. Continue Reading
By- Ehsan Foroughi
-
Guest Post
08 Jan 2021
7 cybersecurity priorities CISOs should focus on for 2021
For 2021, Vishal Salvi argues that CISOs should tie cybersecurity to business agendas better, invest in cloud security, implement IT hygiene, modernize security architecture and more. Continue Reading
By- Vishal Salvi
-
Tip
13 Nov 2020
How to use the Mitre ATT&CK framework for cloud security
Learn how to use the Mitre ATT&CK security framework to keep your enterprise cloud environment -- whether AWS, GCP, Azure, Azure AD or Microsoft 365 -- secure. Continue Reading
By- Dave Shackleford, Voodoo Security
-
Feature
07 Jul 2020
5 PCI DSS best practices to improve compliance
Increased rates of PCI noncompliance are worth examining, as are PCI DSS best practices and tips for small and medium-sized companies. Read more in-depth compliance coverage here. Continue Reading
By- Katie Donegan, Social Media Manager
-
Tip
28 May 2020
5 steps to determine residual risk during the assessment process
Even the best security controls have data management gaps that create risk. Here are steps to identify and offset residual risk during an assessment. Continue Reading
-
Feature
01 May 2020
One security framework may be key to cyber effectiveness
The Mitre ATT&CK security framework could best enable effective cybersecurity, according to The Chertoff Group, as could joining information sharing and analysis organizations. Continue Reading
By- Michael Heller, TechTarget
- 01 May 2020
-
Tip
17 Mar 2020
Get to know the elements of Secure Access Service Edge
Cloud services use cases continue to expand, but implementation challenges remain. Discover Secure Access Service Edge, or SASE, offerings and how they can simplify connectivity. Continue Reading
By- Dave Shackleford, Voodoo Security
-
Feature
16 Mar 2020
How privacy compliance rules will affect IT security
As companies scramble to comply with consumer data privacy compliance mandates, like GDPR, CCPA and others on the horizon, IT security will shoulder much of the process burden. Continue Reading
By- Ben Cole, Executive Editor
-
Tip
11 Mar 2020
Updating the data discovery process in the age of CCPA
Privacy regulations are changing the enterprise data discovery process. Now, automation is key for fulfilling data discovery mandates, including those for CCPA and GDPR. Continue Reading
By -
Tip
05 Mar 2020
Use this CCPA compliance checklist to get up to speed
California leads the pack in terms of state regulations on data privacy and transparency. Now, it's time for businesses to be proactive with this CCPA compliance checklist. Continue Reading
By- Mike Chapple, University of Notre Dame
-
Tip
03 Mar 2020
Balance fraud compliance and prevention with these tips
IT leaders must be vigilant against cyberfraud. Use this list of fraud compliance statutes and prevention tips to protect IT resources, customers and your company's reputation. Continue Reading
By -
Tip
27 Feb 2020
Privacy controls to meet CCPA compliance requirements
Existing risk management programs are a solid foundation for CCPA compliance requirements. Learn the privacy controls needed to remain CCPA-compliant and improve IT security. Continue Reading
By- Anne Kimbol
-
News
25 Feb 2020
Securiti.ai wins RSA Innovation Sandbox Contest
Securiti.ai, which offers an AI-powered 'PrivacyOps' platform, took home the title of 'Most Innovative Startup' at RSA Conference's Innovation Sandbox Contest. Continue Reading
By- Arielle Waldman, News Writer
-
Feature
17 Feb 2020
Fighting PCI non-compliance could require new frameworks, zero trust
Falling PCI DSS compliance rates could force the PCI Security Standards Council to be more open to other regulatory frameworks and make enterprises aim higher in terms of data security. Could zero trust be part of the solution? Continue Reading
By- Michael Heller, TechTarget
-
Feature
29 Jan 2020
How to implement a holistic approach to user data privacy
IoT devices flood the market with promises to make daily life more convenient. Learn how to embrace user consent to benefit your organization and enhance user data privacy. Continue Reading
By- Katie Donegan, Social Media Manager
-
Feature
21 Jan 2020
Understanding the CSA Cloud Controls Matrix and CSA CAIQ
Uncover how the CSA Cloud Controls Matrix and CSA CAIQ can be used to assess cloud providers' controls and risk models, ensure cloud compliance and more. Continue Reading
By- Ed Moyle, Drake Software
- Diana Kelley, SecurityCurve
-
Tip
14 Jan 2020
HIPAA compliance checklist: The key to staying compliant in 2020
Putting together a HIPAA compliance program can be fraught with difficulty. Review best practices and a HIPAA compliance checklist to avoid common pitfalls and pass an audit. Continue Reading
By- Reda Chouffani, Biz Technology Solutions
- Richard Mackey
-
Opinion
23 Dec 2019
Shared responsibility model transparency boosts cloud security
The shared responsibility model delineates where company and CSP security responsibilities start and end. This is critical not only for compliance, but also the big security picture. Continue Reading
By- Lee Penn
-
Feature
10 Dec 2019
Best practices to help CISOs prepare for CCPA
With the CCPA taking effect in 2020, check out security chiefs' best practices to get ahead and stay ahead of impending data privacy and protection compliance regulations. Continue Reading
-
Definition
21 Nov 2019
Australian Assistance and Access Bill
The Australian Assistance and Access Bill is legislation introduced and passed in 2018 by the Parliament of Australia to support law enforcement and security agencies in their ability to collect evidence from electronic devices. Continue Reading
-
News
19 Nov 2019
CrowdStrike: Incident response times still too long
A CrowdStrike study revealed it takes enterprise security teams almost seven days of nonstop work to detect, investigate and contain the average incident. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
14 Nov 2019
InfoTrax settles FTC complaint, will implement infosec program
InfoTrax settled an FTC complaint over an extensive data breach that lasted two years. Now, it can no longer collect any personal data until it implements its own infosec program. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
13 Nov 2019
Microsoft to apply CCPA protections to all US customers
Microsoft said it will apply the California Consumer Privacy Act across the nation and extend the law's data privacy protections to customers in all fifty states. Continue Reading
By- Alexander Culafi, Senior News Writer
- Rob Wright, Senior News Director
-
Feature
01 Nov 2019
Report shows CISOs, IT unprepared for privacy regulations
Several data management principles are common across new and developing privacy regulations, but Internet Society reports that many U.S. organizations are falling behind. Continue Reading
By- Ben Cole, Executive Editor
- 01 Nov 2019
-
Feature
28 Oct 2019
How the future of data privacy regulation is spurring change
Some companies have taken steps to improve data governance in anticipation of data privacy rules. Experts discuss the challenges of compliance in a shifting regulatory landscape. Continue Reading
-
Tip
30 Sep 2019
How PCI DSS compliance milestones can be a GDPR measuring stick
Constantly evolving regulations can cause confusion for security officers, but sometimes, there is process overlap. Here's how achieving compliance with PCI DSS can help meet GDPR mandates. Continue Reading
By- Daniel Allen, N2 Cyber Security Consultants
-
Feature
02 Aug 2019
Why is third-party risk management essential to cybersecurity?
Attackers know third parties hold many of the keys to the enterprise network, so third-party risk management is crucial for security professionals. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
29 Jul 2019
Untangling GDPR fines with Synopsys' Tim Mackey
Tim Mackey of Synopsys tries to clear up some of the mystery around how GDPR regulators determine the fines levied on companies for major data breaches or privacy violations. Continue Reading
By- Michael Heller, TechTarget
-
Feature
25 Jul 2019
IoT Cybersecurity Improvement Act calls for deployment standards
The IoT Cybersecurity Improvement Act would require development of security standards and guidelines for federal IoT devices, but CISOs in the private sector could also benefit. Continue Reading
-
Answer
26 Jun 2019
What is the best way to write a cloud security policy?
Enterprises new to the cloud can write new security policies from scratch, but others with broad cloud usage may need an update. Consider these policy writing best practices. Continue Reading
By -
Answer
26 Jun 2019
What are the top cloud security certifications for 2019?
Cloud security certifications serve to bolster security professionals' resumes and boost value to employers. Learn about the top certifications available from expert Nick Lewis. Continue Reading
By -
Tip
19 Jun 2019
What holistic network security tools offer an organization
Tools that provide a holistic approach to monitoring the IT infrastructure come in a variety of configurations and delivery models. Learn what's available. Continue Reading
-
News
06 Jun 2019
Why larger GDPR fines could be on the horizon
There haven't been many fines under the General Data Protection Regulation since the EU data privacy law went into effect a year ago. But experts warn that will likely change. Continue Reading
By -
Feature
31 May 2019
Explore this NGFW comparison of leading vendors on the market
Explore some of the top NGFWs currently on the market -- based on features and user reviews -- to help you make a buying decision Continue Reading
-
Feature
14 May 2019
6 firewall selection criteria to purchase NGFWs
These six key factors will help your company determine the best NGFW product for your organization's needs. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
News
08 May 2019
Google I/O 2019 keynote brings focus on security and privacy
After being a no-show at last year's conference, security and privacy improvements were big themes at Google I/O's first day, including discussion on federated learning. Continue Reading
By- Michael Heller, TechTarget
-
Feature
08 May 2019
Next-generation firewalls vs. traditional and UTMs
Learn the advantages of next-generation firewalls that protect enterprise networks from attacks and intrusion, as well as the differences between NGFWs and traditional firewalls. Continue Reading
By- Mike O. Villegas, K3DES LLC
-
Opinion
01 May 2019
Putting cybersecurity for healthcare on solid footing
CISO Kevin Charest talks security threats he sees in the healthcare field and the means his company is using to thwart them, including HCSC's Cyber Fusion Center. Continue Reading
- 01 May 2019
-
Quiz
01 May 2019
Take this cybersecurity-challenges quiz and score CPE credit
Just finished ISM's May 2019 issue? Solidify your knowledge, and get CPE credits too, by passing this 10-question quiz. Continue Reading
By- Brenda L. Horrigan, Executive Managing Editor
-
Feature
26 Mar 2019
As compliance evolves, it's time to re-address data classification
Compliance rules like GDPR and the CCPA require a fresh look at companies' data classification policy, and particularly how it defines its wide variety of unstructured data. Continue Reading
-
Tip
04 Mar 2019
To improve incident response capability, start with the right CSIRT
Is your organization ready to build a computer security incident response team? Here are the questions that should be answered when building a CSIRT to maximize incident response capability. Continue Reading
-
Tip
31 Jan 2019
How to comply with the California privacy act
Organizations that handle California consumer data have a year to comply with CCPA. Expert Steven Weil discusses what enterprises need to know about the California privacy law. Continue Reading
By- Steven Weil, Point B
-
Feature
25 Jan 2019
Infoblox's Cricket Liu explains DNS over HTTPS security issues
Cricket Liu, chief DNS architect at Infoblox, explains how DNS over HTTPS and DNS over TLS improve security, as well as challenges the new protocols may soon raise for enterprises. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
23 Jan 2019
Google GDPR fine of $57 million sets record
The Google GDPR fine of $57 million marks the first time a major tech company has been penalized under Europe's new privacy regulations. But the fine is less than the maximum allowable penalty. Continue Reading
By- Michael Heller, TechTarget
-
Feature
26 Dec 2018
CCPA compliance begins with data inventory assessment
In this SearchCIO Q&A, multiple experts sound off on major questions businesses have about CCPA compliance ahead of its January 2020 enforcement date. Continue Reading
-
Feature
20 Dec 2018
Security, compliance standards help mitigate BIOS security vulnerabilities
Cybersecurity vulnerabilities associated with PCs often overlook BIOS. Read for strategies to offset these threats and for preventing unauthorized BIOS modifications. Continue Reading
By- Daniel Allen, N2 Cyber Security Consultants
-
Tip
05 Dec 2018
What's different about Google Asylo for confidential computing?
The Google Asylo framework is an open source alternative for confidential computing. Expert Rob Shapland explains how it works and how it's different from other offerings. Continue Reading
By- Rob Shapland, Falanx Cyber
-
News
21 Nov 2018
Risk assessments essential to secure third-party vendor management
Panelists at Infosec North America advised those charged with third-party vendor management to perform due diligence and assess the innate risk vendors create for business processes. Continue Reading
-
Tip
24 Oct 2018
Guide to identifying and preventing OSI model security risks: Layers 4 to 7
Each layer of the Open Systems Interconnection presents unique vulnerabilities that could move to other layers if not properly monitored. Here's how to establish risk mitigation strategies for OSI layer security in Layers 4 through 7. Continue Reading
By- Daniel Allen, N2 Cyber Security Consultants
-
Tip
24 Oct 2018
How security, compliance standards prevent OSI layer vulnerabilities
Each layer of the Open Systems Interconnection presents unique -- but connected -- vulnerabilities. Here's how to establish OSI security and compliance best practices. Continue Reading
By- Daniel Allen, N2 Cyber Security Consultants
-
Tip
24 Oct 2018
How do SLAs factor into cloud risk management?
While you may not have much control over the infrastructure used by cloud service providers, you’re not completely at their mercy when it comes to cloud risk management. Continue Reading
By -
Answer
12 Oct 2018
How can companies implement ITSM compliance standards?
In this Ask the Expert, IT governance expert Jeffrey Ritter discusses his formula to successfully align new technology with ITSM compliance standards -- all while minimizing risk. Continue Reading
By- Jeffrey Ritter, University of Oxford
-
Answer
21 Sep 2018
How can a compliance strategy improve customer trust?
Privacy compliance strategy can help build consumer trust and improve security if companies stop looking at the regulations as an obstacle and more as a business opportunity. Continue Reading
-
Tip
20 Sep 2018
Securing remote access for cloud-based systems
Don't believe the hype: Access control in the cloud is not a lost cause. Read these tips to learn how you can better secure remote access to your cloud-based systems. Continue Reading
By -
News
13 Sep 2018
Trend Micro apps fiasco generates even more questions
In addition to other Trend Micro apps banished from the Mac App Store for gathering data inappropriately, the company has admitted to publishing the Open Any Files app. Continue Reading
By- Michael Heller, TechTarget
-
News
11 Sep 2018
Trend Micro apps on Mac accused of stealing data
Researchers claimed Trend Micro apps in the Mac App Store were stealing data. The company removed the offending features, but researchers are still not sold on Trend Micro's excuse. Continue Reading
By- Michael Heller, TechTarget
-
Opinion
13 Aug 2018
Google's 'My Activity' data: Avoiding privacy and compliance risk
Google's Activity Controls create privacy and compliance risks for organizations, as well as a potential gold mine for social engineering hacks. Here's how to avoid those threats. Continue Reading
By- Daniel Allen, N2 Cyber Security Consultants
-
Feature
31 Jul 2018
Citrix's Peter Lefkowitz on impact of GDPR privacy requirements
New consumer privacy laws are changing the global privacy landscape. Citrix's Peter Lefkowitz explains how Citrix is approaching GDPR compliance and privacy issues in general. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
27 Jul 2018
Cybersecurity and physical security: Key for 'smart' venues
With sustainability being a huge driver of modern business development, protecting consumers' cyber- and physical security is an essential element when designing smart cities and venues. Continue Reading
By- Ben Cole, Executive Editor
-
Blog Post
27 Jul 2018
How Dropbox dropped the ball with anonymized data
Dropbox came under fire for sharing anonymized data with academic researchers after questions emerged about how the data was protected and used. Continue Reading
By- Rob Wright, Senior News Director
-
Answer
12 Jul 2018
How can cryptojacking attacks in Chrome be stopped?
Google instituted an aggressive ban on all cryptomining extensions for Chrome after cryptojacking attacks started to become more common. Learn how the ban works with Michael Cobb. Continue Reading
By -
Feature
26 Jun 2018
Identify gaps in cybersecurity processes to reduce organizational risk
Organizational risk is a given at modern companies. But as threats persist, identifying preventable cybersecurity gaps presents an opportunity to strengthen enterprise defenses. Continue Reading
-
Quiz
14 Jun 2018
How much do you know about cloud risk assessment?
Preparing to take the CCSP exam? This Domain 3 practice quiz tests your understanding of cloud risk assessment, threat analysis, infrastructure security and more. Continue Reading
By -
Tip
12 Jun 2018
Cloud risk management explained: Just how secure are you?
There is no shortage of vulnerabilities in the cloud, but the same is true of any outsourcing arrangement. Practicing cloud risk management is essential to staying secure. Continue Reading
By -
Blog Post
30 May 2018
It's GDPR Day. Let the privacy regulation games begin!
GDPR Day -- May 25, 2018 -- has passed and enforcement is now accepting complaints against companies violating the terms of the EU's new privacy regulation. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Blog Post
09 May 2018
Google I/O's security and privacy focus missing on day one
It's fairly easy to find stories sparking security and privacy concerns regarding a Google product or service — Search, Chrome, Android, AdSense and more — but if you watched or attended Google ... Continue Reading
By- Michael Heller, TechTarget
-
Blog Post
04 May 2018
'Gen V' attacks: The next cybersecurity problem?
In a recent online presentation, Check Point Software Technologies founder and CEO Gil Shwed stated that "we are at an inflection point" when it comes to cybersecurity. Shwed's statement came on ... Continue Reading
By- Tom Gambardella
-
Answer
30 Apr 2018
What is included in the mPOS security standard from PCI SSC?
The PCI SSC developed an mPOS security standard to improve mobile payment and PIN systems. Expert Michael Cobb looks at what the requirements are and how they help. Continue Reading
By -
Blog Post
27 Apr 2018
GDPR deadline: Keep calm and GDPR on
With the GDPR deadline looming, companies may still be scrambling to do "something" about it, but with less than 30 days to go the best move for many may be to wait and watch, and perhaps just ... Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Answer
20 Apr 2018
Self-sovereign identity: How will regulations affect it?
Will laws like GDPR and PSD2 force enterprises to change their identity management strategies? Expert Bianca Lopes talks regulations, self-sovereign identity and blockchain. Continue Reading
By- Rob Wright, Senior News Director
-
News
18 Apr 2018
IBM's Cindy Compert cooks up a batch of GDPR preparation
GDPR preparation, with practical tips and recipes, was on the menu at RSAC 2018, as IBM CTO Cindy Compert offered practical advice for compliance with the EU privacy regulation. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Tip
18 Apr 2018
How enterprises should handle GDPR compliance in the cloud
GDPR compliance in the cloud can be an intimidating concept for some enterprises, but it doesn't have to be. Rob Shapland explains why it's not so different from on premises. Continue Reading
By- Rob Shapland, Falanx Cyber
-
Quiz
04 Apr 2018
CCSP practice test: Do you know the cloud computing basics?
Preparing to take the CCSP exam? Test your knowledge of key topics in Domain 1, which covers cloud concepts, reference architectures, security concerns and design principles. Continue Reading
By -
Blog Post
31 Mar 2018
Privacy protections are needed for government overreach, too
Following the Facebook-Cambridge Analytica controversy, major tech companies pledged to defend users from corporate data misuse, but they're ignoring a more serious privacy threat. Continue Reading
By- Rob Wright, Senior News Director
-
Blog Post
30 Mar 2018
Apple GDPR privacy protection will float everyone's privacy boat
With its embrace of new tools for protecting consumer privacy, Apple GDPR privacy protection will be available to all users as the EU's new privacy protection legislation is set to start ... Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
30 Mar 2018
New Facebook privacy features and bug bounty aim to repair damage
News roundup: New Facebook privacy features and updates to the company's bug bounty program are being rolled out. Plus, Drupalgeddon 2.0 threatens over 1 million sites, and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
Answer
21 Mar 2018
When does the clock start for GDPR data breach notification?
As new GDPR data breach notification rules go into effect, companies must be ready to move faster than before. Mimecast's Marc French explains what will change and how to cope. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Guide
20 Mar 2018
GDPR compliance requirements and how to best fulfill them
Learn the details of the European Union's new regulations for data security and what your company needs to do now to meet them and avoid expensive penalties. Continue Reading
-
News
20 Mar 2018
Illegitimate Facebook data harvesting may have affected elections
A whistleblower claims a company with suspicious motives exploited Facebook data harvesting to build profiles on 50 million users and influence the 2016 U.S. presidential election and Brexit vote. Continue Reading
By- Michael Heller, TechTarget
-
Answer
19 Mar 2018
What will GDPR data portability mean for enterprises?
Enforcement of the EU's Global Data Protection Regulation is coming soon. Mimecast's Marc French discusses the big questions about GDPR data portability for enterprises. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
09 Mar 2018
DHS cybersecurity audit scores below target security levels
A DHS cybersecurity audit for FISMA compliance by the Office of Inspector General rated the agency below target levels in three of five areas of information security. Continue Reading
By- Michael Heller, TechTarget
-
Answer
27 Feb 2018
How hard will the GDPR right to be forgotten be to get right?
Under GDPR, the right to be forgotten is granted to all EU data subjects. Mimecast's Marc French explains why enterprises will need to be careful about how they manage the process. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Blog Post
16 Feb 2018
SheHacks hackathon at BU promotes female tech advancement
For 36 hours during the last weekend in January, more than 1,000 attended one of the largest women's hackathons ever at SheHacks Boston. SheHacks Boston organizer Natalie Pienkowska said that the ... Continue Reading
By- Tom Gambardella
-
Blog Post
31 Jan 2018
Alphabet unveils Chronicle cybersecurity business unit
There is a new moonshot in cybersecurity, and Google's parent company is calling it Chronicle. Alphabet's cybersecurity business unit launched last week and plans on selling cybersecurity services ... Continue Reading
By -
Feature
31 Jan 2018
Cybersecurity professionals: Lack of training leaves skills behind
Cybersecurity professionals' increased workloads leave little time for training, leaving their skill sets -- and their companies' data security -- vulnerable to outside threats. Continue Reading
By -
Tip
21 Dec 2017
A look at the key GDPR requirements and how to meet them
Meeting the most important GDPR requirements is a great first step to compliance with the new regulation. Expert Steve Weil outlines how to get started on GDPR compliance. Continue Reading
By- Steven Weil, Point B
-
Tip
28 Sep 2017
What a data protection officer can offer enterprises subject to GDPR
The EU GDPR requires that organizations appoint a data protection officer, but is that really necessary for security? Expert Francoise Gilbert examines the compliance requirement. Continue Reading
By- Francoise Gilbert, Greenberg Traurig
-
Podcast
06 Sep 2017
Risk & Repeat: Payment card security a growing concern
In this week's Risk & Repeat podcast, SearchSecurity editors discuss new research from Verizon on payment card security and the effectiveness of PCI DSS compliance for enterprises. Continue Reading
By- Rob Wright, Senior News Director
-
Answer
04 Sep 2017
What should you do when third-party compliance is failing?
Third-party compliance is a necessary part of securing your organization's data. Expert Matthew Pascucci discusses what to do if you suspect a business partner isn't compliant. Continue Reading
-
News
01 Sep 2017
Enterprise compliance with PCI DSS is up, says Verizon
News roundup: More than half of enterprises are in compliance with PCI DSS, according to a Verizon report. Plus, Turla is on the attack again with a new campaign, and more. Continue Reading
By- Madelyn Bacon, TechTarget
-
Feature
28 Aug 2017
Electronic voting systems in the U.S. need post-election audits
Colorado will implement a new system for auditing electronic voting systems. Post-election audits have been proven to help, but are they enough to boost public trust in the systems? Continue Reading
By- Madelyn Bacon, TechTarget
-
Tip
24 Aug 2017
The difference between security assessments and security audits
Security audits vs. security assessments solve different needs. Organizations may use security audits to check their security stature while security assessments might be the better tool to use. Expert Ernie Hayden explains the differences. Continue Reading
By- Ernie Hayden, 443 Consulting LLC
-
Answer
02 Aug 2017
Can a PCI Internal Security Assessor validate level 1 merchants?
A PCI Internal Security Assessor might not be the best bet to validate the compliance of a level 1 service provider. Expert Matthew Pascucci explains why and the alternative. Continue Reading
-
Feature
27 Jul 2017
The GDPR right to be forgotten: Don't forget it
Nexsan's Gary Watson explains that the GDPR right to be forgotten will be an important piece of the compliance picture and means deleting data securely, completely and provably when customers ask for it. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Feature
25 Jul 2017
Protecting Patient Information
In this excerpt from chapter two of Protecting Patient Information, author Paul Cerrato discusses the consequences of data breaches in healthcare. Continue Reading
By- Syngress and SearchSecurity
-
Feature
25 Jul 2017
Mobile Security and Privacy
In this excerpt from chapter 11 of Mobile Security and Privacy, authors Raymond Choo and Man Ho Au discuss privacy and anonymity in terms of mathematics. Continue Reading
By- Syngress and SearchSecurity
-
Podcast
02 Jun 2017
Risk & Repeat: GDPR compliance clock is ticking
In this week's Risk & Repeat podcast, SearchSecurity editors discuss GDPR compliance and how the EU law will affect enterprise data privacy and security across the globe. Continue Reading
By- Rob Wright, Senior News Director