-
Vodafone India’s PCI DSS compliance journey: A dissection
With Vodafone India’s PCI DSS compliance journey in its third iteration, we share practical PCI DSS tips and ground realities from the telecom major. Feature
-
India Inc guns for SIEM tools as maturity, viability drive growth
SIEM tool adoption in India is rising, spurred by growth in maturity of both SIEMs and organizations. We take a broad status check of the Indian SIEM space. Feature
-
nullcon Tritiya’s infosec conference: Day 1 walkthrough
Join us, as we take a look at the third installment of annual information security conference nullcon 2012. Photo Feature
-
Airtel’s DLP technology rollout makes data egress a thing of the past
Airtel’s DLP technology implementation, India’s largest, went live in December 2010. Join us in exploring its inner workings, even as it is poised for bigger things. Feature
-
BYOD security: Where does India Inc stand?
With the proliferation of smart devices, BYOD security is a major concern for enterprises today. Find out how the leaders are coping with BYOD security. Feature
-
The IT (Amendment) Act 2008 Guide: Mapping India’s infosec revolution
Starting with the establishment of the Information Technology (Amendment) Act 2008, we chart the timeline of how Indian infosec has seen regulation. Tutorial
-
Indian IT Rules 2011: Industry cautiously upbeat amidst gray areas
The Indian IT Rules 2011 notification has brought some level of clarity to the IT Act, but several aspects in the IT rules remain open to interpretation. Feature
-
Quick and dirty Wireshark tutorial
Wireshark has become a very useful tool for many infosec pros. This hands-on Wireshark tutorial will acquaint you with the network sniffer’s capabilities. Hands On
-
FAQ: What impact do mobile computing devices have on IT compliance?
More mobile computing devices means more security threats. Here are things to consider in adjusting your IT compliance strategy to meet challenges brought by iPhones and the like. FAQ
-
SSL VPN evaluation, implementation and management guide for India
Looking for the right SSL VPN? This customized evaluation guide designed for India will prove helpful. Buyer's Guide
- See More: Essential Knowledge on Business compliance management
-
PCI virtualization compliance still a challenge
No black and white when it comes to PCI compliance in virtualized environments, experts say. News | 09 May 2012
-
BYOD security policy, not MDM, at heart of smartphone security
Effective security policies, not a mobile device management platform, will solve corporate mobile device security issues, according to a security expert. News | 13 Apr 2012
-
Industry is doomed by automation, misguided IT security strategy, experts warn
Blunt experts at InfoSec World said enterprise IT security strategy often misses the mark, but some attendees suggested the experts are out of touch. News | 04 Apr 2012
-
Bank of India’s BS 25999 certification journey nears completion
This is the story of how Bank of India turned around its business continuity strategy from a state of chaos as it geared up for BS 25999 certification. Case Study | 29 Mar 2012
-
Verizon data breach report shows weak passwords at root of 2011 data breaches
Weak and default passwords are at the root of many data security breaches investigated by Verizon in 2011. News | 07 Mar 2012
-
NIST releases SP 800-153 WLAN security guidelines
The recently released NIST SP 800-153 addresses security of WLANs. Join us, as we take a closer look at the document’s recommendations. News | 07 Mar 2012
-
FBI Director Mueller: For U.S., cybersecurity threats will surpass terrorism
At RSA Conference 2012, FBI Director Robert Mueller said the bureau is ramping up to fight cybersecurity threats and boost information-sharing efforts. News | 01 Mar 2012
-
Mobile security, BYOD policy issues to trend at RSA 2012, analysts say
BYOD policy issues are a big concern for enterprises grappling to secure employee smartphones and tablets, say analysts previewing RSA 2012. News | 21 Feb 2012
-
New MDM service ties Apple, Android devices to Active Directory
Centrify mobile security supports Apple iOS and Google Android devices and can connect them to Microsoft Active Directory, but it lacks the robust management features found in major MDM suites, analyst says. News | 14 Feb 2012
-
Emerging 2012 security trends demand information security policy changes
2012 security trends involving cookies, fines, devices and threats will demand more skills -- and a little finesse -- from security professionals. News | 29 Dec 2011
- See More: News on Business compliance management
-
Information security budgets: Five steps to obtain management buy-in
Getting management to approve security budgets is difficult. Here are guidelines to help you prepare and present information security budgets effectively. Tip
-
POS terminal security: Best practices for point of sale environments
Securing point of sale (POS) environments can be tricky. Shobitha Hariharan and Nitin Bhatnagar share comprehensive POS terminal security best practices. Tip
-
HDFC Bank’s enterprise security framework up close
Indian BFSI major HDFC Bank’s enterprise security framework is based on its ‘4 pillars of information security’. Join us as we gain insights from HDFC Bank. Tip
-
Business case for PCI compliance using a risk-driven approach
PCI compliance that exceeds the minimum requirement helps establish a robust, optimized security posture, which can be achieved via a risk-driven approach. Tip
-
Building a compliance culture means learning from mistakes
In this bonus to our "Compliance scorecard" Security School lesson, Eric Holmquist covers the importance of learning from failure by assessing how and why mistakes happen. Tip
-
Web application security guidelines for developers
The best way to mitigate Web app flaws is to prevent them in the first place. Learn how with these Web application security guidelines for developers. Tip
-
Managing PCI DSS requirements compliance when moving to the cloud
Despite the challenges, organizations can maintain PCI compliance when migrating to a cloud computing service with careful analysis and strategic planning. Ed Moyle explains how. Tip
-
NIST SP 800-30 standard for technical risk assessment: An evaluation
Risk assessment with NIST SP 800-30 focuses on securing IT infrastructure. Find out NIST SP 800-30 strengths, and learn how it differs from other standards. Tip
-
OCTAVE risk assessment method examined up close
The OCTAVE risk assessment method is unique in that it follows a self-directed approach to risk assessment. Leverage its strengths with this expert tip. Tip
-
Create a BlackBerry security policy based on BES or BES Express
Mobile security expert Lisa Phifer outlines the many ways security solution providers can secure their customers’ BlackBerry devices. Tip
- See More: Tips on Business compliance management
-
Mahindra Special Services Group (MSSG)
Mahindra Special Services Group (MSSG) is a corporate security consultancy firm. Definition
-
Network Intelligence India Pvt. Ltd. (NII Consulting)
Network Intelligence India Pvt. Ltd. (NII Consulting) is an Indian provider of information security services and products. Definition
-
knowledge process outsourcing (KPO)
Knowledge process outsourcing (KPO) is the allocation of relatively high-level tasks to an outside organization or a different group within the same organization. Definition
-
The effects of PCI DSS, compliance requirements on the security industry
Paul Judge of Barracuda Networks and Joshua Corman of the 451 Group discuss whether compliance hinders the creation of innovative security technologies. Discussion
-
Default deny security: How to implement a positive security model
What is 'default deny' security? How difficult is the implementation process, and how could you sell it to executives? In this video, expert Mike Rothman explains how a positive security model works and how to decide if it's right for your enterprise... Video
-
GRC tools high on HDFC Bank’s infosec priorities for 2011
HDFC Bank lists governance, risk and compliance as its top information security priority for 2011. Investments in GRC tools are on the charts for next year. Video
-
Face-off: Information security awareness and when not to reveal information
Can the security industry learn from the Transportation Security Administration? It may seem like an odd pairing, but both struggle with the challenges of protecting those in their care while maintaining usability and personal privacy. Video
-
Risk management in information technology
Get advice on creating a strategy for mitigating information security risk from expert Nick Frost of the Information Security Forum. Video
-
The future of PCI DSS
Bob Russo, General Manager of the PCI Security Standards Council, discusses upcoming changes to the PCI DSS, including what new changes might be mandated, and when they might go into effect. Video
-
Metasploit and software vulnerability testing
Metasploit is a free tool that can be used to pen test for new and potentially damaging vulnerabilities. In this interview, H.D. Moore, creator of Metasploit, explains how the tool works and what it can contribute to software security. Video
-
Bruce Schneier on security for cloud computing
In part one of this interview with author and leading security expert Bruce Schneier, he discusses how cloud computing is changing the information security industry, and how companies should adapt to keep up. Video
-
Noted cryptographer on SSL, encryption and cloud computing
Cryptographer Taher Elgamal of Axway Inc., the inventor and initial driving force behind SSL, explains how applications may be better adapted to defend against attacks. Video
-
Jim Reavis on cloud computing security and regulatory compliance
Jim Reavis of the Cloud Security Alliance talks about how to secure the cloud, including some advice for compliance officers. Video
- See More: Multimedia on Business compliance management
About Business compliance management
Learn how to leverage information security readiness for business and regulatory compliance. Craft comprehensive compliance risk management strategies and explore compliance management best practices. Leverage security and compliance frameworks for business growth.