IT Compliance Advisor:

April, 2009


April 27, 2009  5:45 PM

Kodak CISO on meeting today’s compliance challenges



Posted by: GuyPardon
Chief information security officer, CISO, compliance, Eastman Kodak, podcast, risk management, RSA Conference, Security

In this IT Compliance Advisor podcast from SearchCompliance.com, associate editor Alexander B. Howard interviews Bruce Jones, chief information...


April 24, 2009  7:58 PM

At RSA: Cyberwar, compliance, virtualization and cloud security



Posted by: GuyPardon
application development, cybersecurity, National security, National Security Agency, NSA, RSA, Security

What's been the buzz at the RSA Conference? Constant and loud, to be sure, but perhaps a dull roar compared with past years. Seasoned analysts, vendors and delegates all note that attendance is down, no doubt due to a decrease in...


April 23, 2009  2:08 PM

IT spending, budget increases tied to compliance



Posted by: Scot Petersen
compliance, IT budget, Security, study, threat management

The poor economy and recession have resulted in cutbacks just about everywhere, but apparently not in information security technology spending. That's not necessarily good news, though, for those...


April 22, 2009  9:56 PM

Cybersecurity is ‘a critical national interest,’ says Hathaway



Posted by: GuyPardon
Cyberspace, encryption, Melissa Hathaway, National security, Security

"It is the fundamental responsibility of our government to secure cyberspace for its citizens and the world." -- Melissa Hathaway...


April 21, 2009  3:56 PM

The future of compliance policy management



Posted by: Scot Petersen
compliance, future, management, podcast, policy, risk, Security

Compliance is not just "one thing" for businesses anymore. Compliance has become a broad subject like "finance" or "security," with many sub-topics underneath that umbrella. The best strategy for the range of compliance policy management issues facing IT and business managers today is to take a...


April 21, 2009  2:42 PM

Database logging and privileged access control



Posted by: SarahCortes
Access control, Audit, Audit trail, Chief information security officer, COBIT, compliance, log files, log management, Sarbanes-Oxley Act, Security

Ship captains have long started their days by initialing log entries. As a former senior security executive at a financial services firm with $500 billion in assets under management and over 20,000 employees, my day would start similarly. Each morning, I’d take responsibility for reviewing lists...


April 16, 2009  6:20 PM

Email to the Editor: 201 CMR 17.00, ID theft and data protection



Posted by: GuyPardon
compliance, Email to the Editor, Gramm-Leach-Bliley Act, identity theft, Information security, MA data protection law

Great article ["Panels describe risks of noncompliance with Mass. data protection law"]. Numerous thought-provoking statements in this article and in the legislation itself. My first thought is that...


April 13, 2009  7:08 PM

What does being PCI DSS compliant really mean?



Posted by: Scot Petersen
compliance, data leakage, PCI DSS, podcast, Visa

There is a big difference between being PCI DSS compliant and being "certified" as PCI DSS compliant, says e-commerce expert Evan Schuman of



April 13, 2009  3:28 PM

Compliance fundamentals: Database logging, privileged access control



Posted by: SarahCortes
access controls, compliance, compliance fundamentals, IAM, identity theft, Information security, Intrusion detection system, log files, Security

On April 10, 2009, 10,868 Social Security numbers at Penn State Erie, The Behrend College, were compromised by a detected intrusion. Last October’s data breach of 17 million records at


April 9, 2009  4:00 PM

Keep your change management process simple



Posted by: Scot Petersen
change management, COBIT, ISO, ITIL

This is a guest post by Laurence Anker, engagement manager, technology risk management, at Jefferson Wells International Inc. The only constant in information technology today is change. The changes are broad and rapid across the domains of hardware, system software, application...

