Security: Regulations & Standards


Laptop Security: Hackers Attack Encrypted Data on Chips

Sleeping laptops may be the next way hackers steal encrypted information

Rogue Trader Highlights Need to Mind Your Controls

In an age of Sarbanes-Oxley and similar regulatory measures, how could a single rogue trader have racked up more than $7 billion in losses?

Enterprise Security: The Human Factor

Why organizations need to get serious about security awareness training

Security in Review: Yesterday and Tomorrow

Will it be "same old, same old" in security for 2008?

Compliance and Security, Part 3: Handling the Off Stream

Compliance applies to the entire infrastructure, even the many crannies of heterogeneous environments.

Compliance and Security, Part 2: Uniting Efforts

In the second of three parts, unifying security, compliance, and risk assessment get better results

Securing Business File Transfers

Despite the security weaknesses of FTP, there are several approaches IT can take to use the protocol safely.

Database Auditing Gets Serious

Why database-auditing software is critical to protecting your company’s assets

The Internal Security Mindset: Getting Your Head in the Game

IT is still largely unprotected from one area of enterprise risk: the insider threat.

A Guide to Daylight Saving Time Updates

The Daylight Saving Time changes may not have the impact of Y2K, but the ripples may give IT managers heartburn nonetheless

Updated Security Information Manager Tackles Massive Event Logs

SIM adds real-time capabilities but compliance, not threats, stills drives this market

A Loaf, a Phish, and a Reputation

Spam and phishing attacks are getting worse, and new Web threats will complicate networks until some reputations are established

NAC, Vista, and Your Security Strategy

We sort out the options with the most buzz for 2007—NAC, Vista, and NAP—for enforcing security with devices requesting network resources.

Study Reveals What’s Driving Network Access Control

A majority of survey respondents looking to implement an NAC solution want to reduce malware incidents, control remote access to the network, and enforce endpoint configurations.

Security: A Look Back and the Year Ahead

From smarter criminals to network access protection, IT is going to have its hands full in 2007.

Flagship Product Analyzes Red-flagged Applications

When it comes to malware, one company says their product separates the wheat from the chaff, advising enterprises which files should and shouldn’t be on their systems.

Security and SOX: Are CIOs Missing the Boat?

Many CIOs arrived late to Sarbanes-Oxley efforts

Q&A: How Security Budgets Determine Compliance Success

New study highlights commonalities between companies with the fewest IT compliance deficiencies.

Two-Factor Authentication: The Single Sign-on Solution?

New online risk-monitoring and strong-authentication technologies are helping banks meet looming FFIEC online authentication deadlines

Q&A: Automating Security Controls for Compliance

Can companies use built-in ERP capabilities to better automate their IT controls?