ISO 27001 standard: Breaking the documentation myth
Dejan Kosutic is the founder of the Information Security & Business Continuity Academy. In this interview he discusses the future of compliance, ISO 27001 documentation, …
compliance
Data privacy protection for Hadoop
Dataguise released DgHadoop, a data privacy protection and risk assessment solution for Hadoop. It provides compliance assessment and enforcement for centralized data privacy …
nCircle automates new PCI DSS requirements
nCircle PureCloud automates the new internal vulnerability scan requirements included in the most recent update to the Payment Card Industry Data Security Standard (PCI DSS). …
ISO 22301: An overview of BCM implementation process
While many business continuity methodologies exist for more than 20 years, none of them have really managed to include business continuity in regular management duties – …
PCI compliance scan for Google Drive
CloudLock announced a pattern matching engine that identifies, classifies, and secures sensitive information, including Personally Identifiable Information (PII), PCI data and …
Gaps in anti-bribery compliance at multinational corporations
Despite a steady increase in Foreign Corrupt Practices Act (FCPA) investigations and enforcements over the last several years, the majority of corporate compliance officers at …
Passing the internal scan for PCI DSS 2.0
Merchants subject to Payment Card Industry Data Security Standard (PCI DSS) rules are often blindsided by DSS changes, arrival of new payment technologies, and newly emerging …
(IN)SECURE Magazine issue 34 released
(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Issue 34 has been released today. Table of contents: …
What’s new in ISO 22301: How to make a transition from BS 25999-2
Currently there are many business continuity frameworks and standards around the world, but none of them have really taken the dominant position. ISO 22301 will probably …
Tips for a unified records management approach
While an increasing number of companies have one policy for handling paper documents and electronic files, the pervasive growth of new record sources like Twitter, wikis and …
Organizations struggling to enforce policies for managing records
Despite greater investments in their information management programs, most organizations still struggle with properly implementing those programs and getting employees to …
Leveraging PCI standards to accept mobile payments securely
The PCI Security Standards Council (PCI SSC) published a customized fact sheet outlining how merchants can securely accept payments using mobile devices such as smartphones or …