Compliance

Compliance | News, how-tos, features, reviews, and videos

questions analytics

What is Grafeas? Better auditing for containers

Google's Grafeas provides a common API for metadata about containers, from image and build details to security vulnerabilities

4 compliance

What is GRC and why do you need it?

GRC is a strategy for managing an organization's overall governance, enterprise risk management and compliance with regulations Learn how GRC can help you align IT activities to business goals, manage risk effectively and stay on top...

artificial intelligence brain circuitry circuits electronics

The hidden risk of blind trust in AI’s ‘black box’

Companies intent on weaving AI more tightly into the fabric of their businesses are seeking to better explain how algorithms make their decisions, especially where risk and regulations are involved.

audit searching

10 ways you’re failing at IT audits

IT audits can feel like a grim nuisance, but great value awaits those who heed these common mistakes that inevitably lead to an IT audit disaster.

coal power station

Critical Infrastructure Protection (CIP): Security problems exist despite compliance

CIP is just one of 14 mandatory NERC standards that are subject to enforcement in the U.S. However, it gets a good deal of attention because this regulation is centered around the cybersecurity of assets deemed to be critical to the...

external url

The top 6 Governance, Risk and Compliance certifications

CEOs are always on the lookout for dependable folks who can identify potential exposures and quantify the impacts of risk on an organization while protecting the interests of employees, shareholders, other organizations and the...

Few firms will be ready for new European breach disclosure rules, fines

The new European General Data Protection Regulation goes into effect next May, with onerous notification requirements and high penalties, but a year might not be enough for firms to get ready

times square new york

New financial regulations go into effect in New York

On March 1, new regulations go into effect in New York State, requiring that all regulated financial services institutions have a cybersecurity program in place, appoint a Chief Information Security Officer, and monitor the...

europe data privacy rules primary2

U.S. companies spending millions to satisfy Europe's GDPR

PwC says CIOs are allocating millions of dollars from their budgets to accommodate the Europe’s General Data Protection Regulation, which will require U.S. companies to meet stringent data privacy rules in 2018.

0 regulated

7 cybersecurity best practices that regulated industries deal with

Whether you work for an organization controlled by compliance standards or you are an independent IT firm looking to build your enterprise business, understanding industry regulations is crucial as it pertains to cybersecurity....

fog visibility island

Visibility, security top concerns for cloud computing adoption

Enterprises considering adopting public clouds are concerned about where their data is located and how it's protected, according to a new survey by IDG.

cloud map

What’s behind Amazon, Microsoft and Google’s aggressive cloud expansions

In the first week of October, Amazon Web Services, Microsoft Azure and Google Cloud Platform all announced plans to build out new regions for their IaaS cloud operations. The new regions add to an already impressive roster of data...

misunderstood contracts disagreement argue blame

5 commonly misunderstood compliance terms

Understanding the terms is critical given the complexity of compliance, and will help you when analyzing the best technology solutions to manage compliance as a whole

space launch systems

NASA CIO allows HPE contract's authority to operate to expire

In the wake of continued security problems, NASA's CIO is sending a no-confidence signal to Hewlett Packard Enterprise, which received a $2.5 billion contract in 2011 to address problems with the agency's outdated and insecure...

pixelated clouds reflecting on building windows

Experts challenge Skyhigh's patent for cloud-based encryption gateway

Skyhigh Networks, Inc., announced today that it has received a patent for using a hosted gateway to encrypt and decrypt data moving between users and cloud services such as Office 365, but some experts say that the technology is...

EMV transition involves many moving parts

There's a lot of finger pointing going around about why the transition is going so slowly, but the bottom line, according to experts, is that the United States has a more complicated infrastructure than other countries and the...

Regulators: cybersecurity poses biggest risk to global financial system

Last week, the chair of the Securities and Exchange Commission called cybersecurity the biggest risk facing the global financial industry. The SEC promises to step up regulation and Swift itself is expected to launch a new cyber...

cloud computing pondering reflective mystery

How compliance can be an excuse to shun the cloud

Companies in heavily regulated industries say they can't embrace the cloud due to compliance. That's just an excuse.

outsourcing international workers

Is outsourcing IT worth the compliance risk?

While the feds have certainly put hurdles in place to prevent abuse, outsourcing IT in a highly regulated industry like banking may very well lead to higher standards and quality outcomes.

How to manage the risks and costs of software compliance

Software compliance can be a tricky – and expensive – challenge for most IT leaders. Luckily, tech solutions let you manage software assets.

Load More