Seven GRC best practices for information security

Home
Topics
Security management strategies
Data governance best practices
Seven GRC best practices for information security

Seven GRC best practices for information security

Seven GRC best practices for information security

Date: Nov 10, 2009

Managing governance, risk and compliance is an essential part of any financial firm's information security program.

In this video, learn the seven most important practices for GRC, and how your enterprise can implement them.

About the speaker:
Eric Holmquist is the president of Holmquist Advisory and the former VP and Director of Operations at Advanta Bank Corp.

More on Data governance best practices

Internal compliance program for Massachusetts data protection law
VIDEO - Having a holistic compliance program is crucial to successfully complying with data security and privacy regulations. In this video, Rick Gammell, director of enterprise information risk management at MassMutual Financial Group, describes how his company tackled compliance with the Massachusetts data protection law.
GRC for financial firms: Managing risk, vendors and change
VIDEO - Learn about managing risks, vendors and change in the first part of a two-part interview with financial-services security expert Eric Holmquist.
GRC for financial firms: The latest threats
VIDEO - In this video, expert Eric Holmquist explains what to look out for in the current threat landscape, including Automated Clearing House (ACH) fraud. He also discusses pandemic planning and how tabletop exercises are critical for successful disaster recovery planning.
Shifting to a flexible information security framework
Tip - Financial-services executives often view information security as locks and keys that impede business, which makes it hard for security to win funding. In this tip, Randall Gamby explains how adopting an information security framework built on the idea of information security as a business enabler will help bridge the gap between security professionals and business managers.
Data Governance
LST - Data Breach Incidents and Prevention Strategies, Data Encryption Life Cycle, PII/PIFI Privacy and Retention, Data Disposal and Destruction, Data Classification

More from Related TechTarget Sites

Security
Cloud Security
Security Channel
Security UK
SMB Security
CIO

Security
- Marty Roesch pushes collective analysis, underscores cyberthreat intelligence
  
  Sourcefire CTO Marty Roesch introduced cloud-based analysis for threat intelligence gathering. Network security monitoring platforms like RSA NetWitness may be headed in a similar direction.
- Longstanding security problems plague enterprises, Trustwave finds
  
  While organizations focus on mobile security and other emerging threats, an analysis of more than 2,000 penetration tests conducted by Trustwave found older threats often overlooked.
- Adobe issues support for Flash Player sandboxing in Firefox
  
  Adobe has launched the pubic beta of a new Flash Player sandbox feature for Firefox users, making attacks more difficult for cybercriminals.
Cloud Security
- SaaS security: Weighing SaaS encryption options
  
  A look at SaaS encryption techniques and challenges.
- Panel debates cloud computing governance issues
  
  Problems with data governance in the cloud aren’t much different than traditional outsourcing.
- The proposed EU data protection regulation and its impact on cloud users
  
  Cloud customers and cloud providers would face stricter data security requirements under draft European regulation.
Security Channel
- Survey results: VARs report customers’ IT spending 2012 expectations
  
  VARs expect customers to increase spending on security more than any other IT area in 2012. See which security segments will grow the most.
- Create a computer security blog to attract and retain customers
  
  Blogging can produce new leads for security solution providers. Focus on content in your computer security blog that connects with customers.
- Penetration testing tutorial: Guidance for effective pen tests
  
  This penetration testing tutorial contains essential tips to help solution providers uncover vulnerabilities in clients’ networks.
Security UK
- Web application vulnerability statistics show security losing ground
  
  New Web application vulnerability statistics show the number of vulnerabilities is rising, despite the use of Web application development frameworks.
- Microsoft spurs Browsium to rewrite tool for running IE6 on Windows 7
  
  Microsoft has spurred Browsium to rewrite its tool for running IE6 on Windows 7, limiting the security threat posed by continued use of IE6.
- How to apply PCI DSS guidance to virtualisation technology
  
  Learn how to apply best practices from the recently released PCI DSS virtualisation guidance to your virtual environment.
searchMidmarketSecurity
- Windows Phone 7 security: Assessing WP7 security features
  
  Windows Phone 7 security features are proving to be a mixed bag. Sam Cattle assesses the enterprise security pros and cons of the latest Windows mobile platform.
- Choosing the best security certifications for your career
  
  Whether starting your career or planning your next step as an IT security professional, this tip will guide you toward the best certifications for your interests and experience.
- Midmarket security tutorials
  
  SearchMidmarketSecurity.com’s tutorials offer IT professionals in-depth lessons and technical advice on the hottest topics in the midmarket IT security industry. Through our tutorials we seek to provide site members with the foundational knowledge needed to deal with the increasingly challenging job of keeping their organizations secure.
CIO
- Cost, data quality issues still hobble CIOs' BI strategies
  
  Data quality remains a top challenge for business intelligence. For CIOs, this should be the question: What's good enough for the task at hand?
- Gartner CIO forum: The innovation process and business transformation
  
  The 2012 Gartner CIO Leadership Forum will focus on how CIOs can drive the innovation process and how they and IT can transform the business.
- BI projects require open mind, deft touch
  
  Most organizations sit on a gold mine of business intelligence. Extracting it requires knowing how analytics projects differ from day-to-day IT work.

All Rights Reserved, Copyright 2008 - 2012, TechTarget