Compliance — News

The week in security: Australian governments, telcos least trusted to protect personal data

Australia may be the world's fourth-largest holder of network-security patents, but its Telecommunications companies and government agencies are the least trusted industries when it comes to protecting user data, a new survey has found. Case in point: the besieged US Office of Personnel Management – already hit with a class-action suit over the recent breach of data on US government employees – which took a key system offline after a security flaw was identified in a Web-based background-check system.

David Braue | 06 Jul | Read more

Creating a compliance program on a budget

Along with death and taxes, security compliance programs are becoming one of the unavoidable facts of life for many of us. That means someone has to create a compliance program so you can monitor and put appropriate controls in place around information security.

Anthony Caruana | 05 Jun | Read more

Security culture begins at the top

What’s the most important factor of a successful security program? Technology such as endpoint protection? Making sure your change management processes and system development life cycle includes consideration of security risks? Strong policies? Not quite.

Wayne Chung | 02 Feb | Read more

Creating a cloud SLA from diagnostic data

As a CSO and CIO you may be wondering why I crafted a diagnostic related to understanding your most critical web products. The original purpose of the diagnostic was to discern which applications and how applications are ported successfully to a service provider's cloud. The diagnostic determines which cloud IaaS products (storage components, network components, and virtualization machines) are needed for an application. It addresses the platform components (server/operating system and web server) in the PaaS layer. Lastly, it focuses on the SaaS software application.

Gregory Machler | 05 Aug | Read more

How we tested vulnerability analyzers

We developed a test methodology and evaluation criteria in six main areas, including results reporting, product controls and manageability, scan results, vulnerability workflow features, interoperability, and updates and protocol support.

Joel Snyder | 20 Jun | Read more

Editor's Recommendations

Solution Centres

Events

View all events Submit your own security event

Latest Videos

More videos

Blog Posts

Media Release

More media release