Regulatory Reality:

NERC


September 20, 2010  8:28 PM

Regulatory compliance management lacking common sense



Posted by: David Schneier
Audit, compliance, exam, examination, GLBA, HIPAA, NCUA, NERC, PCI, regulatory, Regulatory Compliance, risk, risk assessment, SOX

I stumbled upon an old nemesis of mine recently and the bad taste it left in my mouth continues to offend my senses. In an industry where there are standards that define how standards should be written and websites dedicated to dissecting each standard so that everyone can understand what the...

July 8, 2009  3:45 PM

How’s about a federally mandated Information Security Assessment?



Posted by: David Schneier
Audit, compliance, cyber security, FERC cyber security, GLBA, NERC, Regulatory Compliance, SOX

I had a eureka moment recently that I’d like to share.

In considering the implications of the recently announced changes by MasterCard that will now require PCI Level 2 merchants to be assessed by a Qualified Security Assessor (QSA), it occurred to me...


June 4, 2009  8:26 PM

Why financial institutions might want to keep an eye on the energy industry.



Posted by: David Schneier
CIP, FERC cyber security, NERC, PCI, Regulatory Compliance

Through an odd turn of events over the past few months I’ve found myself actively engaged with a group that’s focusing quite a bit of effort on NERC CIP. For those of you not in the know, NERC (North American Electric Reliability Corporation) is to the energy...

