Information security program development and maintenance continues to reside at the core of good response, incident management and overall information security program capability. In the current landscape, where the cyber threat consists largely of a growing and persistent threat of fraud and the potential for a...
Ira "Gus" Hunt, a security expert who was formerly CTO at the CIA, analyzes why many large healthcare provider organizations plan to boost cybersecurity spending in 2018 and discusses the role of emerging technologies.
MeitY has announced it will give preferential treatment to locally developed security solutions for use throughout the government at the center and state levels. Private sector security practitioners weigh in on whether it's practical for them to make a similar shift.
What's Silicon Valley secret that helps innovative startups to thrive and grow? And how does the startup ecosystem in India compare? Here is the story of Fixnix - The Silicon Valley-based GRC startup from India.
When security succeeds, it is often unnoticed. That success might also make security investments hard to sustain, given its low profile in organizations. Gartner's Tom Scholtz discusses articulating security's business value.
Governance, risk and compliance efforts have failed to evolve in the Indian marketplace, says Vidya Phalke of MetricStream. He believes most organizations lack a proper framework, and they must build a robust GRC culture.
Mobile capture is quickly becoming an important differentiator for many companies and organizations, especially those in traditionally document-intensive fields like banking, insurance, healthcare and government operations. According to a 2014 study conducted by AIIM, 45% of companies feel that mobile capture is...
Organizations collect a wealth of information as part of their governance, risk and compliance programs, and security professionals are missing out on important insights if they don't take advantage of it.
Automating governance, risk and compliance reduces vulnerabilities that can have an adverse impact on the bottom line, says Sergio Thompson-Flores, chief executive of Modulo, a provider of GRC offerings.
By December 6, 2011, all federal agencies must develop a compliance plan for how they will identify and protect Controlled Unclassified Information (CUI). Is your agency ready?
In this white paper, Patricia Hammar, executive secretary of the CUI Presidential Task Force, provides expert advice on developing a CUI...
The compliance deadlines are aggressive - but so are today's threats, says Vishal Salvi, CISO of HDFC Bank, discussing the challenges of meeting the Reserve Bank of India's new information security standards.
Oregon state agencies are coming together to develop a centralized plan, ending a previously siloed approach, to simplify compliance with Internal Revenue Service rules to safeguard taxpayer data, says state CISO Theresa Masse.
Documenting procedures for the State Department's custom-made, continuous-monitoring tool known as iPost will help ensure that the data collected are appropriately used to protect the agency's global IT system, a GAO audit says.
From mobile devices to social media and cloud computing, IT governance is all about risk management. "You can't de-risk everything, but you can de-risk the majority of circumstances you will see in normal operations," says governance expert Robert Stroud.