IT Compliance Management: The What and Why

IT compliance management can be difficult for many organizations that don’t understand the requirements of cyber data, especially when you have to consider standards such as SOX, NERC CIP, PCI DSS, GLBA, etc. Today, let’s discuss IT compliance management and its importance within your organization. [...]

Service Provider Risk and Compliance

In our continuing effort to educate on the importance of risk assessment and compliance, this week we wanted to touch base on service provider risk and what you can do to help reduce it. We’ve had many customers unclear on the terminology of [...]

How to Prepare for a Security Audit

The Unnecessary Torture of Security Audits

From financial services to healthcare, nearly every industry gets audited for security, and no one looks forward to it. Just the thought of getting audited can generate chaos, stress and headaches to those involved. But what if I told you, it doesn’t have [...]

August 2015 Webinar: Risk and CIP-014’s R4

“Why You Should Stop Thinking about Risk When You Think about CIP-014’s R4”

Often physical security professionals associate CIP-014’s R4 with the word risk. However, this interesting and informative webinar for physical security executives will include three surprising points: why risk is inconsequential to CIP-014’s R4; why you should [...]

SEC Cybersecurity Threats

The Securities and Exchange Commission (SEC) to require registered broker-dealers and registered investment advisers to conduct risk assessments to identify cybersecurity threats, vulnerabilities, and potential business consequences. Earlier this year on March 26, 2014, the U.S. Securities and Exchange Commission sponsored a Cybersecurity Roundtable. In opening the Roundtable, Chair [...]

Obama Signs Secret Cybersecurity Directive

Classified Order Aims to Use Military to Protect Key IT Networks

President Obama signed a classified presidential directive last month that enables the military to act more aggressively to frustrate cyberattacks on government and private computer networks. The White House confirmed the issuance of Presidential Policy Directive 20, updating [...]

November 17th, 2012 | Corporate Security

Mobile, Cloud Security Guidance Needed

Smaller Institutions Could Benefit from Regulators' Help

Last year, federal regulators issued FFIEC authentication guidance for online transactions. But, unfortunately, regulators apparently don't plan to issue additional guidance on the security issues involved in mobile banking and cloud computing. Larger institutions don't really need guidance on these topics. Most [...]

September 13th, 2012 | Corporate Security

ONC Plans Mobile Security Guidance

The Office of the National Coordinator for Health IT is studying use of mobile devices in small healthcare environments. The goal: new mobile security guidance that will be released in 2013. The Office of the National Coordinator for Health IT next spring will release a guidance to help small [...]

August 20th, 2012 | Corporate Security