-
Vodafone India’s PCI DSS compliance journey: A dissection
With Vodafone India’s PCI DSS compliance journey in its third iteration, we share practical PCI DSS tips and ground realities from the telecom major. Feature
-
Information security and risk management guides for CIOs
Keeping your IT organization safe and secure is one battle. Doing it while staying in compliance with all applicable laws and regulations is another. These CIO Briefings will help you do both, and then some. Tutorial
-
IDFC’s information security awareness week tastes success with ‘Mr Gobo’
Financial major IDFC set out to craft its information security awareness initiative with a portal that led users via a ‘Mafia don’s den’. Step in for more. News | 08 Feb 2012
-
Funding, carelessness, hurdles to secure networks: Dr Whitfield Diffie
Cryptographic pioneer Dr. Whitfield Diffie spoke at SecurityByte 2011 in Bengaluru, where SearchSecurity caught up with him. Here’s what he had to say. News | 15 Sep 2011
-
RBI guidelines focus on fortifying IT security by banks
RBI has issued security guidelines for the Indian banks that touch upon aspects such as IT governance, security, and cyber fraud. News | 21 Jan 2011
-
Compliance Q&A: Chief audit executives seek credibility with C-suite
With corporate scandals elevating the importance of chief audit executives, now is the time for CAEs to strategically partner with the C-suite, says Deloitte veteran Shayne Gregg. Interview | 10 Nov 2010
-
ISACA launches Business Model For Information Security
The Business Model for Information Security (BMIS) launched by ISACA provides a holistic approach for managing information security, while directly addressing business objectives. News | 08 Oct 2010
-
Security metrics lessons from Infosys
Infosys leverages security metrics to measure the effectiveness of its security posture and risk framework. Case Study | 08 Sep 2010
-
ISF Reports Future Threats to Information Security
The Information Security Forum (ISF) has come up with a 'Threat Horizon 2012' report that details ten future scenarios where businesses could be vulnerable to risk. Article | 13 Aug 2010
-
Information Security Day goes global today
This day heralds Information Security Day, a day solely dedicated to the cause and betterment of the information security domain at the international level. Article | 05 Aug 2010
-
IT Amendment Act 2008 compliance guidelines for India.org
Here are some practical guidelines for organizations that are looking to comply with IT Amendment Act 2008. Article | 12 Jul 2010
-
PCI call centre: Understanding PCI DSS call recording requirements
New guidance has recently been released to help companies struggling with PCI call centre compliance understand the mandates. The guidelines, coupled with emerging call centre security technologies, could greatly aid companies' compliance efforts. Article | 24 Jun 2010
-
Map your data classification policy to controls effectively: How-to
Data classification policy plays an important role in control implementation and effectiveness. We take a look at the involved parameters. Tip
-
Pitch for security investment planning: How-to
Security investment planning for a scalable future-proof business infrastructure can be tricky. Here’s how you can prepare the business case. Tip
-
Three mobile device security policy lookouts from ISF
Advice from Information Security Forum (ISF) on how to draft a comprehensive mobile device security policy, given the evolving mobile device environment. Tip
-
Leveraging ISO 27005 standard’s risk assessment capabilities
In this first of a series of articles on risk assessment standards, we look at the latest in the ISO stable: ISO 27005’s risk assessment capabilities. Tip
-
Security awareness training mantras from Central Bank of India
Get insights into Central Bank of India’s comprehensive information security awareness training programs. Tip
-
Mature data loss prevention: 8 questions to ask your vendor
To determine if a data loss prevention (DLP) solution truly meets your organization’s needs, there are certain clarifications you always require. Tip
-
Implement ISMS and sustain it, with these tips
ISMS implementation for obtaining ISO 27001 certification is only half the job. Going forward, these best practices are critical to sustain the ISMS. Tip
-
A social networking policy template for information awareness training
Regardless of whether your organisation allows social networking, you must have a policy to address inappropriate employee postings. Expert Michael Cobb lays out a checklist of what you should be sure to include in your policy and employee training. Tip
-
Seven social media security best practices
This tip aims to highlight seven crucial factors to be considered while devising a strategy for optimal social media security. Tip
-
Essential ingredients for ISMS implementation success
Information security management system (ISMS) efficiency hinges on three critical factors—design, implementation, and maintenance. How can you ensure these? Tip
-
Best practices for choosing an information security team new hire
Hiring someone for your information security team? In this expert response, information security management expert David Mortman explains what relevant information security experience is. Ask the Expert
-
Employee information security awareness training for new IAM systems
When an enterprise gets new IAM systems, training employees on how to interact with the technology is one of the most important aspects of deployment. Learn how to implement employee information security awareness training for new IAM systems and tec... Ask the Expert
-
information security management system (ISMS)
An information security management system (ISMS) is a set of policies and procedures for systematically managing an organization's sensitive data. Definition
-
vulnerability and patch management
Vulnerability management is a proactive approach to managing network security. Definition
-
CERT-In (the Indian Computer Emergency Response Team)
CERT-In (the Indian Computer Emergency Response Team) is a government-mandated information technology (IT) security organization. The purpose of CERT-In is to respond to computer security incidents, report on vulnerabilities and promote effective IT ... Definition
-
Information Technology Amendment Act 2008 (IT Act 2008)
The Information Technology Amendment Act, 2008 (IT Act 2008) is a substantial addition to India's Information Technology Act (ITA-2000). The IT Amendment Act was passed by the Indian Parliament in October 2008 and came into force a year later. Definition
About Information security policies and end-user awareness training
Get information security policy and end-user security training resources here. Learn how to draft an information security policy. Fine-tune your information security policy and conduct security policy reviews. Conduct end-user security awareness training sessions. Effectively enforce security policies.