Items Tagged with "Regulation"


FFIEC Banking Security Guidelines In Effect Soon

January 05, 2012 Added by: Robert Siciliano

The FFIEC updated security guidelines go into effect in less than a month. It is imperative that financial institutions recognize that the security precautions currently in place are ineffective in the face of new, more sophisticated attacks...

Medical Device Security: Killed by Code

January 04, 2012 Added by: Danny Lieberman

I’ve been talking to our medical device customers about mobile security of implanted devices for over a year now. I think it’s only a question of time before we have a drive by execution of a politician with an ICD (implanted cardiac device)...

Hacktivism: The End Result Versus the End Goal

December 31, 2011 Added by: Rafal Los

Unless your cave doesn't get the news, you've seen the barrage of and hacking over the past several months. If experience teaches us anything these folks are holding the final nail in the coffin of Internet freedom as it's driven in by the government they fear...

Chatting With An Auditor About Credit Union Compliance

December 16, 2011 Added by: Ed Moyle

Credit unions, by virtue of their regulatory context, have more "interpretive latitude" in how technical security controls get implemented. Meaning they should try on PCI compliance before calling out merchants - especially the big ones - for having it soft...

Google Wallet and the Edge of PCI’s Regulatory Map

December 14, 2011 Added by: Ed Moyle

Folks might object to sensitive data being stored in cleartext within Google Wallet - I sure do - but the problem isn't so much Google Wallet but instead the fact that mobile devices are blurring the lines between what's a payment application and what's not...

Compliance: Is Water Wet or is Jack Webb Still the Man?

December 13, 2011 Added by: Thomas Fox

One of the constant refrains for any compliance officer is responding to employees’ inquiries. Questions come in all shapes and sizes and from all over the world. The compliance professional must try to ascertain the facts to give an intelligent, coherent and, hopefully correct response...

The Visible Hand: A New Compliance Model

December 09, 2011 Added by: Thomas Fox

A company should look for small ways to expand employee autonomy in the compliance area. This does not mean a complete abdication of the role of the Compliance Department, but it does mean a notch-by-notch transfer of authority to persons in the field...

Accounting for Cybersecurity

November 20, 2011 Added by: John Nicholson

Companies now face the unenviable task of deciding what aspects of cyber incidents or risks are “material” and disclosing them, with the knowledge that the sophisticated and determined nature of cyber-attackers makes predicting the nature of an attack and its consequences incredibly difficult...

India Assumes Global Leadership Role in Cybersecurity

November 15, 2011 Added by: Headlines

“India welcomes the decision of the EastWest Institute to bring this powerful forum to New Delhi. Working together with like-minded countries and businesses worldwide, India will work hard to assure that practical advances in cybersecurity are made and international cooperation advanced..."

PUC Holds Hearing on Smart Grid Rules

November 12, 2011 Added by: David Navetta

The rules also require utilities to provide annual written notice to customers explaining security policies governing access to and disclosure of aggregated customer data to third parties. The new rules provide clarity on protecting customers from unauthorized disclosure...

Compliance: Telling the Board What it Needs to Know

November 03, 2011 Added by: Thomas Fox

In an article entitled “Telling Your Board What it Needs to Hear”, author Arielle Bikard discusses the views of Pfizer Inc’s Chief Compliance Officer (CCO), Douglas Lankler, on how he keeps the Pfizer Board of Directors up to date on compliance issues...

Balkanizing the Internet

November 01, 2011 Added by: Gabriel Bassett

The internet is really not one contiguous environment. Instead, due to the nature of service contracts and peering agreements, it's a mesh of interconnected information systems. These information systems are already undergoing a balkanization as we speak...

How FERPA Compares to HIPAA

October 26, 2011 Added by: David Sopata

Even though HIPAA has been around since 1995, it really had not gained momentum until the past few years when fines started being issued. However, there is a privacy law that has been on the books for much longer than HIPAA and it is the Family Educational Rights and Privacy Act or FERPA...

Emerging Companies Can Delay SOX Compliance

October 24, 2011 Added by: Headlines

New companies with a market capitalization under USD 1 billion will now be able to opt-out of regulations within section 404 of the Sarbanes-Oxley (SOX) Act for the first ten years after going public. This option was previously available to companies under USD 75 million...

A High Level Methodology to Show Due Diligence

October 18, 2011 Added by: David Sopata

Acquisitions, mergers, and new services may introduce new regulations within an organization. If they are not properly maintained they can fluctuate from compliant to non-compliant within any given day. So the question is: Does your organization show due care and due diligence?

Look Around...The FTC is Really Busy

October 17, 2011 Added by: David Navetta

One of the most important elements in this publication is the FTC’s statement that all of the laws applicable to consumer protection offline apply online too. The FTC advised that we should use the same factors we use to determine if a disclosure is conspicuous...
