PCI DSS Automated Scanning Vendor (ASV) Shame…
Is your ASV really getting the job done? I spent several years working with organizations building their Automated Remote Scanning systems and fought the good fight as prices for remote PCI DSS scans...
New Gadgets (iPhones, etc..), Compliance, and Awareness
A short piece in the Wall Street Journal the other day focused on the challenges that firms face with the introduction of new technology, and how these new gadgets can complicate an organization’s...
Annually Review Governance Control Programs
A client of mine recently updated their rich corporate governance program, and beyond obvious extensions to include recent State laws (introduced in the last 6 months) governing data usage and some...
PCI DSS Safeguards can mitigate recent hardware attacks
There have been recent attacks that threaten the physical integrity of systems, but can be mitigated through the adherence to PCI DSS, and increased vigilance. The recent news stories on Firewire...
RSA 2008 Conference Wrap Up
Back in Atlanta after a week in San Francisco for RSA’s annual conference on security. This being my first year in attendance I have no comparison from prior years, but have heard that the crowds were...
IT Strategy for 2010 by James DeLuccia
KPMG put out 10 to-do items for Audit Committees that define excellent areas that should receive attention given the economic and competitive environments. You can find the press release here....
GRC Implementation Tips, beyond ComplianceWeek
ComplianceWeek has two examples of implementing ITGRC solutions in two multi-billion dollar organizations. Each interestingly deployed in two unique fashions and had different takeaways from the...
Innovating and penetrating the market – Battlefield Leadership Series –...
Longues Sur Mer: At this location on the coast of Normandy you can see the immense naval guns set up to attack oncoming ships in World War II. The Germans expended resources and relied heavily upon on...
Mapping the Startup Maturity Framework to flexible information security...
After over a decade of working with startups, private equity, and over the last 5 years of deep big 4 client services acting in different executive roles (CISO, CIO Advisor, Board of Directors support)...