SEARCH RESULTS
 
Showing 1-10 of 283 records
 

Reverse Compliance or "Logs as Proof of Incompetence?"

2008-05-06 17:27:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...compliance (including my book chapter) and overall logging for compliance. How about "reverse compliance" against logs Whaaaat? WTF is "reverse compliance Reverse compliance" is a motivation to purposefully avoid technologies that have a chance of telling you that you are NOT in compliance. Sadly, logging is featured very high on the list...
 
 
 
 
 

Leveraging Compliance For Security

2008-02-18 18:15:05 by dmortman in securosis.com
 
...compliance Sarbanes-Oxley, GLBA, PCI, and there will undoubtedly be more in the coming years. As a result, vendors are pushing all sorts of products that purport to help solve the compliance problem. However, compliance is not a technology problem it's a business problem which needs a business solution. By instituting sustainable business...
 
 
 
 
 

Is there a "silver bullet" to IT Compliance Management?

2007-12-06 13:12:00 by Ryan Shopp in practical risk management
...Compliance Management by: Ryan Shopp A few times I've found myself getting confused or having trouble explaining the relationships between policies, standards, controls, audits, etc when answering questions about IT Compliance & Risk Management? I came across a great two part thread in my blog reader that helped crystallize things for me....
 
 
 
 
 

PCI compliance are you just checking the box?

2007-11-14 22:05:00 by Patrick McGregor in Data Protection, Management and Leakage
 
...compliance box instead of embracing the business benefits that PCI compliance can bring Is there value beyond just checking the box Yes PCI compliance efforts deliver significant value beyond the immediate data protection benefits. As part of becoming compliant, many retailers are being forced to rethink their systems, data paths, security...
 
 
 
 
 

Is PCI compliance creating a false sense of security?

2008-03-28 09:44:50 by Burton Group in Security and Risk Management Strategies Blog
 
...compliance statement Hannaford Supermarkets has been certified as compliant with the Payment Card Industry Data Security Standard (PCI DSS). The PCI DSS is recognized as the accepted industry security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical...
 
 
 
 
 

From Self-Defending Networks to Realtime Compliance

2007-03-28 07:03:03 by RaviC in Musings on Information Security
 
...compliance phrases were flying all over, Real-time Compliance, Continuous Compliance, Sustainable Compliance, ad-nauseum. The famous McAfee party was my savior, I downed few glasses of wine and that helped me regain my orientation. Riding back home on the cal-train I was wondering if customers buy vendor phrase or real solution that address...
 
 
 
 
 

Compliance costs not slowing down - technology automation to the rescue

2008-01-28 13:34:00 by Ryan Shopp in practical risk management
 
...Compliance Labyrinth offers some great tidbits from recent surveying of financial executives Compliance continues to increase - from 2.83% of net income in 2002 to 3.69% of net income in 2006 Primary costs continue to be driven through applying people, not technology to the problem and the kicker from our perspective, measuring compliance...
 
 
 
 
 

Sitting on your hands is not an option - FUD, Compliance, what will it take to sell security?

2008-03-13 00:17:43 by HASH0x84729f8 in StillSecure, After All These Years
 
...compliance. There was a time when to sell security you would ask your customer, what would happen to your business if your network was brought down? What would happen if your IP was stolen? What would the negative publicity of a security breach cost you? Of course some of these questions could be turned on their side into the infamous...