March 30, 2009 2:01 PM
Posted by: GuyPardon
Anti-Virus,
April Fools Day,
Conficker,
Denial-of-service attack,
Information security,
intrusion defense,
malware,
Microsoft,
Microsoft Windows,
Security,
security policy,
Windows Malicious Software Removal ToolLeslie Stahl's segment on 60 Minutes on the danger of the Conficker worm releasing a massive DDoS attack or other malicious action on April 1 has received...
March 26, 2009 6:57 PM
Posted by: Scot Petersen
compliance,
credit cards,
e-commerce,
Heartland,
Heartland Payment Systems,
PCI,
PCI DSS,
QSA,
Qualified Security Assessor,
retailIT Knowledge Exchange blogger Charles Denyer has some sound...
March 26, 2009 2:05 PM
Posted by: SarahCortes
Access control,
business,
compliance,
compliance audit,
Information Systems Audit and Control Association,
ISACA,
regulatory compliance,
SecuritySo you got the word, the compliance auditors are coming in. It’s like that big squash or tennis match. You’re feeling pretty good, and you think you’re ready. After all, you’re an IT professional, conscientious, hard-working and knowledgeable. But do you know what standard the auditors will...
March 23, 2009 7:13 PM
Posted by: GuyPardon
Amazon.com,
cloud compliance,
Cloud computing,
Cloud Security,
Google,
Hewlett-Packard,
IBM,
Payment card industry,
PCI,
SaaS,
Sun MicrosystemsThe hype around cloud computing may have subsided, but the issues around adapting and adopting the underlying model are as hot...
March 19, 2009 8:43 AM
Posted by: SarahCortes
Audit,
business,
CISA,
COBIT,
Information technology,
IT controls,
risk,
Risk assessment,
risk management[One of our readers, compliance officer Ramon de Bruijn, wrote to the editors of SearchCompliance.com at editor@searchcompliance.com last month looking for some advice. Specifically, he asked "What is the best way to implement a risk assessment in...
March 13, 2009 8:54 PM
Posted by: Scot Petersen
compliance,
conference,
data protection,
encryption,
governance,
MA data protection law,
regulatory compliance,
risk managementAs business owners are preparing for the new Massachusetts data protection law, also known as 201 CMR 17: Standards for The Protection of Personal Information of Residents of the...
March 13, 2009 6:03 PM
Posted by: GuyPardon
Capability Maturity Model Integration,
compliance,
conference,
data protection,
encryption,
governance,
Information security,
MA data protection law,
regulatory compliance,
Risk assessment,
risk management,
Twitter,
VirtualizationAs I wrote yesterday, the Compliance Decisions Summit got off to a great start when Eric Holmquist and Richard Mackey considered the
March 12, 2009 5:09 PM
Posted by: GuyPardon
business,
compliance,
compliance decisions,
conference,
Information security,
Information Security Governance,
regulatory compliance,
risk management,
Security,
Statement on Auditing Standards No. 70: Service Organizations,
Symantec,
Twitter,
Virtual private networkThe Compliance Decisions Summit taking place in Newton, Mass., got off to a great start this morning.
March 5, 2009 4:44 PM
Posted by: GuyPardon
Boston Massachusetts,
compliance,
conference,
Google Health,
hashtags,
HIPAA,
Information Technology Infrastructure Library,
ITIL,
Online Communities,
Social network,
Twitter,
webAs those of you who have followed the launch of SearchCompliance.com know, we've been using our @ITCompliance account on Twitter to share news, find our audience, get the freshest compliance news and pass on...
