Why do I still keep hearing about breaches of confidentiality even though compliance with FISMA and SOX has been on the books for years? This is a question that many people asked in the wake of the disclosure of the theft of a notebook belonging to a Veterans Affairs employee that contained records...
More...
Isn't it really all about accounting for your assets, placing a value on each (assessing the impact to your business if a breach occurs), calculating the risk (threats, vulnerabilities and likelihood of occurrence), and then implementing security controls to minimize the risks starting with the...
More...
My organization already does background checks as part of the hiring process. Will it be necessary to run them again as part of a PCI compliance process? If so, to what standard? The PCI has published a document called the Qualified Data Security Company Requirements (QDSC). Section 4 of that...
More...