Blog Posts Tagged with "Guidelines"


NIST Guidelines: Protecting Computers at Start-Up

December 29, 2011 Added by:Headlines

SP 800-155 explains the fundamentals of BIOS integrity measurement to determine if the BIOS has been modified and how to report changes. The publication provides detailed guidelines to vendors that develop products to support secure BIOS integrity measurement mechanisms...

Comments  (0)


SSAE 16 is NOT SOC 2

December 22, 2011 Added by:david barton

Just when I thought things were getting better, along comes a press release that is wrong on so many levels I don’t even know where to begin. First, SSAE 16 is not a certification. Secondly, SOC 2 is totally unrelated to SSAE 16, which is specific guidance for conducting SOC 1 reviews...

Comments  (2)


HIPAA Security Rule Toolkit Available from NIST

December 21, 2011 Added by:Headlines

"The NIST HIPAA Security Toolkit Application is intended to help organizations better understand the requirements of the HIPAA Security Rule, implement those requirements, and assess those implementations in their operational environment..."

Comments  (1)


Fed CIO: Minimum Security Standards Set for Cloud Providers

December 20, 2011 Added by:Bill Gerneglia

The FedRAMP was established to provide a standard approach to Assessing and Authorizing cloud computing services. FedRAMP allows joint authorizations and continuous security monitoring services for Government and Commercial cloud computing systems intended for multi-agency use...

Comments  (0)


Consortium Issues Baseline Requirements for SSL

December 20, 2011 Added by:Headlines

"The primary goal of these Requirements is to enable efficient and secure electronic communication, while addressing user concerns about the trustworthiness of Certificates. The Requirements also serve to inform users and help them to make informed decisions when relying on Certificates..."

Comments  (0)


NIST Revision Expands Government Authentication Options

December 16, 2011 Added by:Headlines

“Changes made to the document reflect changes in the state of the art. There are new techniques and tools available to government agencies, and this provides them more flexibility in choosing the best authentication methods for their individual needs, without sacrificing security..."

Comments  (0)


DHS Releases Blueprint for a Secure Cyber Future

December 13, 2011 Added by:Headlines

The document is meant to provide a road map for cybersecurity efforts while observing the the need to preserve civil liberties, protect privacy, bolster national security, and provide the ability for the private sector to effectively operate and innovate in cyberspace...

Comments  (0)


Closing the Gate Before the Horse Bolts – On Passwords for the Cloud

December 12, 2011 Added by:Ben Kepes

Passwords it seems are both the bane of our existence and, apparently, the most important thing in our lives. Unfortunately the Cloud doesn’t really change this, good password protocols are as important in the Cloud as they were in an on-premise world and potentially even more so...

Comments  (0)


SEC Calls for Cohesive Incident Response and Reporting

December 09, 2011 Added by:Steven Fox, CISSP, QSA

This guidance is designed to “elicit disclosure of timely, comprehensive, and accurate information about risks and events that a reasonable investor would consider important to an investment decision,” including those related to information security breaches...

Comments  (0)


CERT Warns of Holiday Phishing and Malware Campaigns

December 06, 2011 Added by:Headlines

"US-CERT encourages users and administrators to use caution when encountering email messages and take the following preventative measures to protect themselves from phishing scams and malware campaigns..."

Comments  (0)


FCC's Ten Cyber Security Tips for Small Businesses

November 29, 2011 Added by:Headlines

"Broadband and information technology are powerful factors in small businesses reaching new markets and increasing productivity and efficiency. However, businesses need cybersecurity tools and tactics to protect themselves, their customers, and their data from growing cyber threats..."

Comments  (0)


Accounting for Cybersecurity

November 20, 2011 Added by:John Nicholson

Companies now face the unenviable task of deciding what aspects of cyber incidents or risks are “material” and disclosing them, with the knowledge that the sophisticated and determined nature of cyber-attackers makes predicting the nature of an attack and its consequences incredibly difficult...

Comments  (0)


MMA Proposes Mobile Application Policy Framework

November 16, 2011 Added by:David Navetta

The Mobile Marketing Association has released its Mobile Application Privacy Policy Framework for public comment, which they are accepting through November 18th. The intent of the Guidelines are to create a framework for developers to use to provide clear disclosures to consumers...

Comments  (0)


NIST Updates Smart Grid Framework Standards

November 08, 2011 Added by:Headlines

"Making such dramatic changes to the power grid requires an overarching vision of how to accomplish the task, and this updated Framework advances that vision. Utilities, manufacturers, equipment testers and regulators will find essential information... that was not previously available..."

Comments  (0)


NIST Seeks Feedback on Wireless Security Guides

November 07, 2011 Added by:Headlines

The NIST has issued two new guides addressing issues with wireless security. The first guide focuses on Bluetooth security, while the second looks at wireless local area networks. The NIST is seeking public comment on the guides via email with a November 10th cutoff for submissions...

Comments  (0)


NYSBA Releases E-Discovery Best Practices Guidelines

November 04, 2011 Added by:Headlines

The guidelines are organized in a systematic fashion covering topics applicable to electronically stored information before, during and after e-discovery has occurred and includes coverage of legal holds, adequate preservation, investigations, duty to preserve, inadvertent alteration...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »