Manage

Learn to apply best practices and optimize your operations.

Audit and compliance planning

Security management plan reveals essential business security upgrades

As companies create their security management plan for the coming year, they should look to upgrades in Linux and Windows operating systems, Adobe applications and Internet browsers to improve their overall security position. Continue Reading
PCI DSS requirement: Maintaining a vulnerability management program

The third PCI DSS focus area requires antivirus software, secure coding practices, patch management and change control processes be in place. Continue Reading
Inside Ryder Truck Rental's PCI compliance project

In 2007, Julio Gonzalez, director of IT, GRC and network operations at Ryder Truck Rental, kicked off a PCI project aimed at addressing any credit card exposures. Continue Reading
PCI DSS requirement: Building and maintaining a secure network

The first PCI focus area requires a set of documented configuration standards, perimeter and endpoint protection. Continue Reading
Five things to do before your first PCI DSS compliance audit

Put these steps in motion before your organization's first PCI DSS compliance audit. Continue Reading
How to choose an external compliance auditor

Headed for a PCI DSS, HIPAA or Sarbanes-Oxley audit? Picking the right auditor is a key decision; select one who becomes a business partner, ally and educator.Continue Reading
PCI DSS: Writing an information security policy

The final set of PCI requirements relates to maintaining a security policy, and also addresses awareness training, personnel screening and managing service provider relationships.Continue Reading
PCI DSS requirements include strong access control procedures

The fourth focus of PCI DSS requirements governs how organizations enable and restrict access to cardholder data and limit physical access to cardholder data.Continue Reading
Midmarket security governance: Develop an IT engagement model

Midmarket IT organizations may follow an engagement model that facilitates the integration of information security into the business.Continue Reading
Fact or fiction: Building upon existing compliance infrastructure

In a fast-paced "fact or fiction" format, Burton Group's Trent Henry will discuss the must-have compliance technologies and how an organization can piggy-back existing infrastructure to satisfy the regulators.Continue Reading
Consider a compliance-driven security framework

Midmarket companies bound to regulations such as PCI DSS, HIPAA and Sarbanes-Oxley should consider using these requirements as the basis for their security programs.Continue Reading
When filling out the PCI DSS questionnaire, is it important to provide documentation?

It's time to fill out the PCI DSS questionnaire, but management has said that it's no big deal, there's no need to provide accompanying documentation. But what will happen when an auditor comes knocking? Security management expert Mike Rothman ...Continue Reading

Carbon Black acquisition bolsters VMware's security play

VMWare announced an agreement to acquire endpoint security vendor Carbon Black in an effort to boost its cloud security offerings...

Securing IoT involves developers, manufacturers and end users alike

Who's to blame for the IoT security problem: manufacturers creating devices, end user deploying them or governments not creating ...

DARPA unveils first SSITH prototype to mitigate hardware flaws

DARPA is still in the early prototype stages of its SSITH program, but the aim is to develop an open source chip able to block ...

SearchCloudSecurity

How to conduct proper AWS vulnerability scanning in 3 steps

Cloud vulnerability management can be complicated. Learn how to perform AWS vulnerability scans under the shared responsibility ...

Research shows cloud security vulnerabilities grow

Recent research shows the number of cloud security incidents are growing. Here are the biggest contributors to the complicated ...

4 necessary steps to evaluate public cloud security

The Capital One hack raised questions about public cloud security. Take these four steps to ensure your data is protected.

SearchNetworking

What is data center networking, and how can you get started?

This feature explores the basics of data center networks, such as how to plan for data center consolidation, the effects of cloud...

Gartner Hype Cycle deems software-defined networking obsolete

A Gartner report on enterprise networking has declared the definition of SDN and its architectural approach as deceased. Cause of...

The top 5 capabilities your edge infrastructure should have

The network edge plays a vital role in the future of networking and digital transformation. Make sure your infrastructure has ...

SearchCIO

How to deal with the lack of chatbot standards

A lack of standards around chatbot development has created a situation in which enterprises are building and rebuilding bots. But...

RPA journey: Schneider Electric's global plan taps Blue Prism, UiPath

Schneider Electric, a multinational energy management company, has embarked on a robotic process automation journey, establishing...

Blurring the lines between RPA platforms and APIs

RPA is quickly making itself known in the automation market, but the real game changer is utilizing the technology in an API-rich...

SearchEnterpriseDesktop

Windows 10 19H2 update brings few changes, more confusion

Windows 10 updates have plagued IT since the inception of the OS. Microsoft may be attempting to assuage IT's concerns with the ...

New Windows vulnerabilities reveal there is no rest for weary IT

The two latest Windows security vulnerabilities reiterate the importance for IT admins to stay diligent when updating and ...

7 questions to ensure UEM supports a Windows 10 migration

The right UEM platform will go a long way in streamlining a Windows 10 migration. Ask these questions to ensure your ...

ComputerWeekly.com

IR35 reforms: HMRC defends off-payroll rules guidance against "woeful" IPSE jibes

HMRC promises there are more preparatory materials in the pipeline to help the private sector prepare for the April 2020 IR35 ...

Three more identity providers to withdraw from troubled Gov.uk Verify programme

Three of the five companies supporting the government's troubled digital identity scheme are pulling out, raising further ...

How to bolster IAM strategies using automation

Identity and access management processes and technologies play an important role in security strategies, but organisations and IT...

Manage

Audit and compliance planning

Security management plan reveals essential business security upgrades

PCI DSS requirement: Maintaining a vulnerability management program

Inside Ryder Truck Rental's PCI compliance project

PCI DSS requirement: Building and maintaining a secure network

Five things to do before your first PCI DSS compliance audit

How to choose an external compliance auditor

PCI DSS: Writing an information security policy

PCI DSS requirements include strong access control procedures

Midmarket security governance: Develop an IT engagement model

Fact or fiction: Building upon existing compliance infrastructure

Consider a compliance-driven security framework

When filling out the PCI DSS questionnaire, is it important to provide documentation?

-ADS BY GOOGLE

SearchSecurity