Compliance

A jumble of acronyms that stand for an overwhelming number of federal mandates has marched compliance right to the front of most leading security professionals' minds. With SOX, GLBA, HIPAA and FISMA keeping CSOs up at night, SC Magazine offers its Compliance sector, your guide to meeting federal requirements.

Latest Compliance News and Opinions

Solid state: A new state data breach regulation

Greg Masters March 01, 2010

A new privacy regulation in Massachusetts evokes anxiety for many, but getting in line may prove to be no big deal, reports Greg Masters.
 

Forty percent using compensating controls to meet PCI

Dan Kaplan March 01, 2010

Forty-one percent of merchants are relying on compensating controls to meet Payment Card Industry Data Security Standard (PCI DSS) requirements, according to a survey released Monday by the Ponemon Institute and commissioned by encryption firm Thales. The survey polled 155 qualified security assessors, who are charged with confirming a company's adherence to PCI. Compensating controls "may be considered for most PCI DSS requirements when an entity cannot meet a requirement explicitly as stated, due to legitimate technical or documented business constraints," according to the PCI Security Standards Council. — DK
 

Is increased government regulation the answer to increased privacy protection?

Glen Kosaka, director of marketing, Trend Micro February 25, 2010

Data breaches involving privacy information continue to increase despite the costs, embarrassment and negative publicity associated with them.
 

Security spending, DLP projects to increase

Angela Moscaritolo February 23, 2010

Information security budgets will get a boost at many organizations in 2010, according to a study released Tuesday by IT research company TheInfoPro. The study, based on interviews of 259 security decision makers at Fortune 1000 and mid-size organizations, found that 40 percent of enterprises are planning to increase their 2010 security budgets. Data leakage prevention topped the list of projects planned for 2010, followed by identity management and compliance initiatives. — AM
 

Six years later, CAN-SPAM Act leaves spam problem unresolved

Martin Lee, senior software engineer, Symantec Hosted Services February 16, 2010

In 2004 at the World Economic Forum, Bill Gates proclaimed: "Two years from now, spam will be solved." Six years later there is no indication that the spam problem will ever be solved. So what went wrong?
 

Compliance Vendors

Aveksa

The Aveksa Access Governance Platform is the industry’s first comprehensive solution for access governance, risk and compliance management. It is comprised of the Aveksa Compliance Manager, which automates the monitoring, reporting, certification and remediation of user entitlements; the Aveksa Role Manager, which enables role discovery, modeling and maintenance; and the ...

NitroSecurity

NitroSecurity supplies information security products that protect business information and infrastructure with solutions that reduce business risk exposure and increase network and information availability by monitoring, protecting and alerting organizations about suspicious or harmful network activities.

Shavlik Technologies LLC

Over 10,000 organizations worldwide trust Shavlik Technologies to simplify their complex enterprise network security. Designed to reduce risk and improve the use of IT resources, Shavlik products automate patch and configuration management, application control, audit reporting and compliance management.

Tenable Network Security

Tenable Network Security® is a leader in Unified Security Monitoring and creator of the award-winning Nessus® vulnerability scanner. Tenable's products have been designed to monitor systems and networks against a number of the established compliance standards. It is important to note that a secure infrastructure is achieved through a ...

Whitebox Security, LTD.

Whitebox Security, an innovator in Identity Intelligence, is the first provider of a purpose-built Identity Intelligence platform. The WhiteOPS™ product family helps enterprises to gain full visibility into their business applications, detect anomalies in users' behavior and define security policies with first-ever correlation of IT security policies with ...