Management, compliance & auditing | September 11, 2014 | Security Ninja | Want to Limit PCI DSS Scope? Use Tokenization | Every organization should follow a proactive rather than a reactive approach to protect against threats, risks and vulnerabilities, to which if their IT infrastructure...
Management, compliance & auditing | August 13, 2014 | Dimitar Kostadinov | Cyber Insurance | Introduction: Cyber insurance coverage has been available on the market for a decade, but only recently companies have been seeing a significant growth—sales...
Management, compliance & auditing | August 4, 2014 | Dan Virgillito | Bringing Down Security Risks With A BYOD Encryption Policy | The number of employees using their personal devices for work-related purposes is absurd. Let's just say there's an employee or two in every organization using...
Management, compliance & auditing | July 18, 2014 | Security Ninja | File integrity monitoring (FIM) and PCI-DSS | In this article, we will learn about the requirement of file integrity monitoring in PCI-DSS (Payment Card Industry Data Security Standard). If we talk about...
Management, compliance & auditing | June 27, 2014 | Dimitar Kostadinov | Key Elements of an E-mail Retention Policy | 1. What is an E-mail Retention Policy? Simply put, an e-mail retention policy/ERP is the process of keeping emails for compliance or business reasons. It differs...
Management, compliance & auditing | June 23, 2014 | Infosec | Data Access Governance: Security’s Biggest Unaddressed To-Do | If you are like me, there are many things you can check off your to-do list every day. However, if you are really like me, then there are some things which...
Management, compliance & auditing | June 12, 2014 | Security Ninja | PCI-DSS 3.0 – Key Drivers | Every organization should follow a proactive rather than a reactive approach to protect against threats, risks, and vulnerabilities to which if their IT infrastructure...
Management, compliance & auditing | May 21, 2014 | Dawid Czagan | Qualitative risk analysis with the DREAD model | This article introduces two types of risk analysis (quantitative, qualitative) and presents how to perform qualitative risk analysis with the DREAD model. Finally,...
Management, compliance & auditing | April 16, 2014 | Ryan Mazerik | Information Security Policies | Organisations are giving more priority to development of information security policies, as protecting their assets is one of the prominent things that needs...
Management, compliance & auditing | March 27, 2014 | Chintan Gurjar | Information Security Policy For SME | Information security (IS) is a critical part of any small scale company and a big enterprise, and a challenge for any firm. Information security involves very...