Blog Posts Tagged with "Assurance"

Fc152e73692bc3c934d248f639d9e963

More on PCI Scoping

June 22, 2012 Added by:PCI Guru

“At least annually and prior to the annual assessment, the assessed entity should confirm the accuracy of their PCI DSS scope by identifying all locations and flows of cardholder data and ensuring they are included in the PCI DSS scope"...

Comments  (1)

0a8cae998f9c51e3b3c0ccbaddf521aa

Keeping Security Relevant: From Control to Governance in the Cloud

May 11, 2012 Added by:Rafal Los

When someone mentions public cloud, you quickly see the polarizing effects the topic has, generating a very negative reaction to the idea of putting anything corporate in the public cloud. What does that mean for the future of corporate information security and risk management?

Comments  (0)

Ee445365f5f87ac6a6017afd9411a04a

SOC 2: The Customer Security Questionnaire Killer

May 07, 2012 Added by:Jon Long

User organizations figured out a long time ago that if they want confirmation of how secure their suppliers are, they have to find out for themselves because a sufficient third party attestation did not exist. This is also where the challenge to service auditors is...

Comments  (0)

99edc1997453f90eb5ac1430fd9a7c61

CISSP Reloaded Domain 5: Security Architecture and Models

April 09, 2012 Added by:Javvad Malik

This domain has a good title and there is probably a lot one can talk about. There are not enough competent security architects on the market. Sure you can get a lot of penetration testers of or risk and compliance type people. But good architects are hard to come by...

Comments  (0)

B451da363bb08b9a81ceadbadb5133ef

Security Versus Compliance

December 05, 2010 Added by:Alexander Rothacker

Most corporations do not have strong security cultures. Who with a budget is going to understand the anatomy of a database attack? Security advancements at many corporations are uphill battles that are largely enabled by compliance projects. Remember, the gold is in the database...

Comments  (0)