Compliance is a natural extension of a vulnerability analysis tool. Normal vulnerability scanning includes searching for unpatched systems, unprotected directories and other errors in configuration.
The business benefits of a cloud computing model have been well stated. You cut costs by switching to more flexible on-demand IT resources that can better handle the ebb and flow technology needs at a company.
Cisco this week announced its intent to acquire privately-held Pari Networks, a provider of network configuration, change and compliance management appliances that was <a href="http://www.networkworld.com/news/2008/013108-network-management-start-up.html">founded by former Cisco engineers</a>.
SAP said Thursday it is acquiring software for handling XBRL (extensible business reporting language) requirements from German vendor Cundus. Terms of the deal, which is expected to be completed this year, were not disclosed.
A survey of more than 900 IT managers shows that adoption of encryption in their organizations is being driven by two main factors, anxiety about possible cyberattacks and the need to meet the payment-card industry (PCI) data security standards.
The second version of the Payment Card Industry (PCI) Data Security Standard (DSS) is being released this afternoon by the organization PCI Security Standards Council, which sets the network and security requirements for merchants and service providers handling sensitive cardholder data.
As we noted in last year's CSO article, "Six ways we gave up our privacy," people are increasingly -- and willingly -- throwing their privacy to the wind, thanks to an addiction to Google apps, GPS devices, the BlackBerry, iPhone and Android, and social networking sites like Facebook and Twitter. Some security experts believe privacy is dead already.
Private sector CIOs appear to be optimistic that the UK government's comprehensive spending review will not have a knock-on effect in their own patch.
The Australian Government is establishing a incident reporting database to improve the occupational safety and healthy of miners.
Beginning Sept. 30, Visa will require merchants and related businesses to conduct wireless security scans to prove compliance with version 1.2 of the PCI Data Security Standard (PCI DSS) which is designed to safeguard cardholder data from wireless threats.
As the grid of smart products grows more crowded with cars, appliances and even clothing carrying sensors, Web access and other technology for transmitting data between consumers and companies, the Federal Trade Commission is considering "do not track" policies.
NEW YORK -- A CISO who spent two years organizing identity and access management for the 15,000 users on his network boiled the whole experience down into a 10-step process he presented at the Security Standard Conference this week.
Government needs to better understand the realities of running profitable businesses -- and quickly -- as it imposes security regulations that can affect the profitability of corporations battling in a competitive environment.
Hardly a week goes by when some organization or another doesn't lose some laptops and face a litany of IT security questions. One that always comes up: Were the systems' disks fully encrypted?