Articles about Compliance

So, you're 'ISO 27001 accredited', huh? Just saying so doesn't cut it

ISO/IEC 27001:2013 is more commonly known simply as "ISO 27001". It is, as the ISO website puts it, "the best-known standard in the family providing requirements for an information security management system". On the other hand, many businesses think it is a highly complex, unattainable standard – and a pain in the backside – …
Dave Cartwright, 18 Apr 2017

Cybersecurity rules toughened up for NY financial firms

Major financial firms operating in New York need to comply with tougher cybersecurity rules that came into effect this week. The regulation [PDF] by the New York State Department of Financial Services (DFS) covers issues ranging from the maintenance of written policies, testing, governance and auditing, to detection, defence …
John Leyden, 3 Mar 2017

It's holistic, dude: How to dodge the EU's £17m data regulation sting

Sysadmin blog: Holistic IT is hard. There are those among us who want to purchase hardware, software, services or so-called turnkey "solutions" – as vendors call them – that bear logos and stickers and otherwise don't require any architect-level thinking. None of us wants to dive deep into compliance regimes to understand what we need to do. …
Trevor Pott, 2 Feb 2017

It's good to talk, UK banks told after massaging cyberattack figures

Top techies at British banks are being encouraged to share information about cyberattacks following revelations that the financial sector is under-reporting breaches to regulators. According to the UK's Financial Conduct Authority, only five attacks were reported in 2014, a figure that has soared to 75 so far this year. But …
John Leyden, 18 Oct 2016

In 2020, biz will chuck $100bn+ at protecting itself online

Security spending is predicted to grow from $73.7bn in 2016 to $101.6bn in 2020, according to analysts. This compound annual growth rate of 8.3 per cent, more than twice the rate of overall IT spending growth, will be driven by increased security spending in healthcare as well as continued strong demand in banking and government. The …
John Leyden, 14 Oct 2016

NHS trusts ‘complacent’ on cloud app security risks

Almost half of NHS Trusts make no attempt to monitor cloud app usage, according to the results of a Freedom of Information request. The same FOI by cloud security firm Netskope also revealed that fewer than one-fifth of NHS Trusts have visibility into all cloud app use, leaving sensitive data vulnerable to both risky apps and …
John Leyden, 30 Sep 2016

Wow, RIP hackers ... It's Cyber-Lord Blunkett to the rescue for UK big biz

A high-profile project has been launched with the aim of strengthening UK enterprises' IT security. The Cyber Highway was launched in London on Tuesday by Lord David Blunkett. The resource offers a “user-friendly online portal for large enterprises that want to strengthen the cyber defence of their supply chain.” Corporations …
John Leyden, 21 Sep 2016

EU cybersecurity directive will reach Britain, come what May

The passage of the EU Directive on the Security of Network and Information Systems (NIS) will have a profound effect on corporate security across Europe and even in Britain, despite the Brexit vote. The NIS Directive applies to organisations that provide elements of a country’s critical national infrastructure – i.e. operators …
John Leyden, 11 Jul 2016

At last – Feds crack down on crummy encryption … starting with your dentist

The US Federal Trade Commission (FTC) has struck a $250,000 settlement package in its case accusing a medical software developer of lying about its data encryption capabilities. The makers of Dentrix G5, an office and records tool for dentists, had been accused of lying to customers about the encryption capabilities of the …
Shaun Nichols, 6 Jan 2016

UK SMEs with weak security risk procurement exclusion – survey

SMEs need to take cyber security seriously or face being frozen out of the procurement process, according to a new survey from management consultants KPMG. In a poll of UK procurement managers, nearly all (94 per cent) agreed that the cyber security standards of their supplier are important when awarding a contract to an SME. …
John Leyden, 3 Nov 2015

ebook price-fixing saga: Apple rids self of court-appointed watchdog

The watchdog assigned to keep close tabs on Apple after it inflated ebook prices has been told to go home by a US court. In 2013, Apple was found to have conspired with publishers to fix the prices of digital books. The Cupertino goliath was ordered by a court to allow an independent monitor into its hallowed halls and inspect …
Shaun Nichols, 14 Oct 2015

Are Samsung TVs doing a Volkswagen in energy tests? Koreans hit back

Samsung has responded quickly to claims that its televisions were designed to cheat in official power consumption tests. Independent European testing lab ComplianTV has claimed that some of Samsung's televisions degrade their performance and lower the brightness of the screen during standard IEC testing, and then return to …
Iain Thomson, 1 Oct 2015

DataGravity puts a little weight behind protecting your information

Paula Long-led startup DataGravity has updated its Discovery array with a second generation Discovery Series V2 software. DataGravity said its arrays integrate the separate functions of data security, search and discovery, and protection into one platform and provide visibility into data as it's created. The added software …
Chris Mellor, 14 Aug 2015

Catch 'em while you can! Presenting Druva's virtual open door detector

Think checking doors and windows every night so as to stop burglars scrambling through to rob you. Well, now your personal data can be handled in the same way, with Druva's end-point protection services identifying risky exposure to sensitive information loss by scanning backed-up data and alerting compliance teams. Its inSync …
Chris Mellor, 22 Jul 2015

E-commerce enterprises gently told to update those protocols ... or else

A revamp in payment card industry regulations due out later this month will penalise e-commerce enterprises that rely on outdated crypto protocols. The PCI Security Standards Council's updated standard – PCI DSS 3.1 – mandates that businesses move away from SSL onto more modern TLS protocols. The council is introducing the …
John Leyden, 7 Apr 2015

Clinton defence of personal email server fails to placate critics

Analysis: Hillary Clinton's admission that she was perhaps unwise to make exclusive use of a personal email account while serving as US Secretary of State has failed to placate critics, some of whom are trying to use the affair to derail her expected challenge for the White House next year. Clinton has issued a minimal mea culpa stating …
John Leyden, 12 Mar 2015

Can't stop Home Depot-style card pwning, but suppliers will feel PCI regulation pain

Third-party providers will face more stringent regulations as part of a revamp in payment card industry regulations due to go into full effect in the new year. The new Payment Card Industry Data Security Standard 3.0 (PCI 3.0) will be mandatory for all businesses that store, process or transmit payment card information …
John Leyden, 17 Dec 2014

What you need to know before moving to the cloud

If you are located in the land Down Under and searching for public cloud hosting, then it might seem that the options available to you are pretty good. Amazon and Microsoft play in the market and the prices they offer are reasonably competitive. There are also a number of smaller cloud operators doing quite well for themselves …
Aaron Milne, 19 Jun 2014


Biting the hand that feeds IT © 1998–2017