Management, compliance & auditing July 15, 2016 John G. Laskey Entry Level Risk Management: Creating a First Security Risks Register Organizations of all sizes apply risk management to their operations. In larger ones, this will normally be through a formal Enterprise Risk Management (ERM)...
Management, compliance & auditing May 4, 2016 Security Ninja PCI-DSS 3.2 is Coming: Are You Ready? Compliance standards have never changed as often as they do today, with major changes regarding information security. This makes...
Management, compliance & auditing February 24, 2016 Daniel Dimov Legal issues of new and emerging technologies Since the invention of agriculture in the Fertile Crescent, humanity has witnessed continuous technological developments. Such developments affect the...
Management, compliance & auditing February 1, 2016 Alexander Polyakov SAP Afaria Security: Attacking Mobile Device Management (MDM) Solution It is known that the BYOD trend is changing the way enterprises are managed, delivered, and, most importantly, secured. While BYOD has its benefits, such as...
Management, compliance & auditing January 28, 2016 Security Ninja Windows logging for PCI-DSS Various organizations strive to be PCI-DSS compliant, and they often have a hard time deciding what to log from Windows Systems so as to retain all the essential...
Management, compliance & auditing January 26, 2016 John G. Laskey Why ITIL, COBIT and Other Non-Infosec Based Frameworks Are Infosec’s Best Friends As a current or aspiring security professional, you will know of a range of information security frameworks and enablers. These might include standards, e.g....
Management, compliance & auditing January 19, 2016 Nathan Wenzler Breaking Bad Behavior: Why Non-SIEM Behavioral Analysis May Not Be All It’s Cracked Up to Be Behavioral Analysis is becoming a huge buzzword in the IT and Information Security industries. With the idea that you can automatically determine whether or...
Management, compliance & auditing December 10, 2015 Dimitar Kostadinov Is Safe Harbor 2.0 Another Tug of War between Privacy and Security? In Schrems v. Data Protection Commissioner, the Court of Justice of the European Union (also known as CJEU or ECJ) held that the application of the U.S.-EU...
Management, compliance & auditing November 24, 2015 Jatin Jain What Is SIEM? A SIEM (security information and event management) is a software solution that normalizes, filters, correlates, assembles, and centrally manages other operational...
Management, compliance & auditing November 19, 2015 Daniel Brecht The Cybersecurity Information Sharing Act of 2015 (CISA): Is It the Right Answer? In an attempt to further cybersecurity efforts for the nation, a brand new cybersecurity bill, S. 754, has just been discussed: the Cybersecurity Information...