As IoT and big data increase cyber risks, industry on the defensive

The time isn’t far away when everything in our lives, from furniture to coffee pots, will have the ability to be "smart." Various reports estimate that there will be anywhere between 30 to 200 billion internet-connected devices by 2020.
And with the
How security standards help companies prioritize data protection

In part one of this blog post, John Pescatore, director at the nonprofit cybersecurity training provider SANS Institute, delved...
Businesses must look beyond regulations for security and privacy guidance

Last month, Sens. Richard Burr and Dianne Feinstein from the Senate Select Committee on Intelligence unveiled a draft of the Compliance with Court Orders Act of 2016 that would require all technology companies -- from mobile device manufacturers to application makers -- to comply with court orders...
Five reasons to invest in ISO 27001 and other security certifications

Information security has become a vital business driver as the huge data volumes generated by modern companies contain a treasure trove of intellectual property and PII that is enticing the hackers. A variety of security certifications and standards have been developed to help companies...
PCI DSS 3.2 multifactor requirement among the version’s biggest changes

Details surrounding the updated Payment Card Industry Data Security Standard show that version 3.2 includes new multifactor authentication and encryption requirements. Also in recent GRC news: SEC enforcement actions -- or the lack of them -- are raising concerns about the agency's ability to...