Auditing, testing and assessment for compliance, Bank Secrecy Act compliance, Basel II regulatory compliance and requirements, Compliance best practices, Electronic data discovery compliance, FACTA law requirements, FFIEC compliance guidelines, GLBA compliance requirements, HIPAA: Laws and guidelines, PCI DSS: Audits and requirements, Risk frameworks, metrics and strategy, SEC and FDIC regulations, SOX financial reporting compliance, State data security breach laws
Financial services companies face a litany of threats to their IT security, including P2P botnets, phishing, social engineering, rootkits and more. Get resources on threat prevention for financial institutions and learn how to prevent attacks like DDoS, worms, Trojans, cross-site scripting and more.
Though millions of Android devices could contain the Heartbleed OpenSSL vulnerability, experts say the risk to Android users may not be that great.
The Department of Defense is using a converged network security architecture to simplify security management. Learn about the security benefits.
Proving the Heartbleed OpenSSL vulnerability can be exploited in the wild, two organizations say attackers have used it to glean sensitive data.
Expert Dave Shackleford says cloud tokenization technology is becoming an attractive alternative to cloud encryption, but problems persist.
A cloud service provider experiencing a data breach is not an impossible scenario. Discover how enterprises should plan for the worst.
Emerging cloud attacks threaten cloud data security by exploiting the gap between enterprise controls and provider transparency.
Avoiding command-and-controls policies can help IT better respond to the growing needs of mobile workers and meet its organization's goals.
Increased employee mobility in recent years has shifted IT's focus from desktop and laptop delivery to security risks associated with mobile devices.
Apple devices and OSes are consumer favorites, but they also come with management tools and application features that IT can take advantage of.
Windows Phone 7 security features are proving to be a mixed bag. Sam Cattle assesses the enterprise security pros and cons of the latest Windows mobile platform.
Whether starting your career or planning your next step as an IT security professional, this tip will guide you toward the best certifications for your interests and experience.
Assessing your organization's security threats and risks takes just five steps, says Robbie Higgins. Check out his quick guide to the SMB security risk assessment process.
Version 3.0 of the Payment Card Industry Data Security Standard has few surprises, but a host of new requirements and challenges for merchants.
Enterprises rely on ERP and CRM systems, but they pose a risk if left unpatched. Michael Cobb reviews enterprise application security best practices.
The widespread iOS app vulnerability, which stems from the way many mobile applications handle caching, allows attackers to control an app's content.
Indian companies are beginning to adopt managed security services as a lack of internal resources and rapidly changing business models force a change of strategy
OpenDNS CTO Dan Hubbard says big data techniques like machine learning and data mining can be used to spot and mitigate unknown Internet threats.
In this excerpt from Linux Malware Incident Response, authors Cameron Malin, Eoghan Casey and James Aquilina discuss volatile data collection methodology, steps and preservation.
In 2002, Microsoft chief Bill Gates sent out the Trustworthy Computing memo to staff. Microsoft’s new CEO, Satya Nadella, had his Trustworthy Computing moment this week.
Come summer and work will start on a £40m green datacentre covering 75,000 sq ft at Queensway Business Park in Glenrothes, Fife
University ditches Cisco and adopts a new Wi-Fi network to support more voice and video applications over mobile devices