Blog Posts Tagged with "Guidelines"

69dafe8b58066478aea48f3d0f384820

NIST Guidelines: Protecting Computers at Start-Up

December 29, 2011 Added by:Headlines

SP 800-155 explains the fundamentals of BIOS integrity measurement to determine if the BIOS has been modified and how to report changes. The publication provides detailed guidelines to vendors that develop products to support secure BIOS integrity measurement mechanisms...

Comments  (0)

8fcd3af85e00d8db661be6a882c6442b

SSAE 16 is NOT SOC 2

December 22, 2011 Added by:david barton

Just when I thought things were getting better, along comes a press release that is wrong on so many levels I don’t even know where to begin. First, SSAE 16 is not a certification. Secondly, SOC 2 is totally unrelated to SSAE 16, which is specific guidance for conducting SOC 1 reviews...

Comments  (2)

69dafe8b58066478aea48f3d0f384820

HIPAA Security Rule Toolkit Available from NIST

December 21, 2011 Added by:Headlines

"The NIST HIPAA Security Toolkit Application is intended to help organizations better understand the requirements of the HIPAA Security Rule, implement those requirements, and assess those implementations in their operational environment..."

Comments  (1)

44fa7dab2a22dc03b6a1de4a35b7834a

Fed CIO: Minimum Security Standards Set for Cloud Providers

December 20, 2011 Added by:Bill Gerneglia

The FedRAMP was established to provide a standard approach to Assessing and Authorizing cloud computing services. FedRAMP allows joint authorizations and continuous security monitoring services for Government and Commercial cloud computing systems intended for multi-agency use...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Consortium Issues Baseline Requirements for SSL

December 20, 2011 Added by:Headlines

"The primary goal of these Requirements is to enable efficient and secure electronic communication, while addressing user concerns about the trustworthiness of Certificates. The Requirements also serve to inform users and help them to make informed decisions when relying on Certificates..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

NIST Revision Expands Government Authentication Options

December 16, 2011 Added by:Headlines

“Changes made to the document reflect changes in the state of the art. There are new techniques and tools available to government agencies, and this provides them more flexibility in choosing the best authentication methods for their individual needs, without sacrificing security..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

DHS Releases Blueprint for a Secure Cyber Future

December 13, 2011 Added by:Headlines

The document is meant to provide a road map for cybersecurity efforts while observing the the need to preserve civil liberties, protect privacy, bolster national security, and provide the ability for the private sector to effectively operate and innovate in cyberspace...

Comments  (0)

4c1c5119b03285e3f64bd83a8f9dfeec

Closing the Gate Before the Horse Bolts – On Passwords for the Cloud

December 12, 2011 Added by:Ben Kepes

Passwords it seems are both the bane of our existence and, apparently, the most important thing in our lives. Unfortunately the Cloud doesn’t really change this, good password protocols are as important in the Cloud as they were in an on-premise world and potentially even more so...

Comments  (0)

B09c361cbdc6cf629affdc7db30a186d

SEC Calls for Cohesive Incident Response and Reporting

December 09, 2011 Added by:Steven Fox, CISSP, QSA

This guidance is designed to “elicit disclosure of timely, comprehensive, and accurate information about risks and events that a reasonable investor would consider important to an investment decision,” including those related to information security breaches...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

CERT Warns of Holiday Phishing and Malware Campaigns

December 06, 2011 Added by:Headlines

"US-CERT encourages users and administrators to use caution when encountering email messages and take the following preventative measures to protect themselves from phishing scams and malware campaigns..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

FCC's Ten Cyber Security Tips for Small Businesses

November 29, 2011 Added by:Headlines

"Broadband and information technology are powerful factors in small businesses reaching new markets and increasing productivity and efficiency. However, businesses need cybersecurity tools and tactics to protect themselves, their customers, and their data from growing cyber threats..."

Comments  (0)

D15e0b682a84587af9af463961d00f22

Accounting for Cybersecurity

November 20, 2011 Added by:John Nicholson

Companies now face the unenviable task of deciding what aspects of cyber incidents or risks are “material” and disclosing them, with the knowledge that the sophisticated and determined nature of cyber-attackers makes predicting the nature of an attack and its consequences incredibly difficult...

Comments  (0)

A7290c5bd7bc2aaa7ea2b6c957ef639b

MMA Proposes Mobile Application Policy Framework

November 16, 2011 Added by:David Navetta

The Mobile Marketing Association has released its Mobile Application Privacy Policy Framework for public comment, which they are accepting through November 18th. The intent of the Guidelines are to create a framework for developers to use to provide clear disclosures to consumers...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

NIST Updates Smart Grid Framework Standards

November 08, 2011 Added by:Headlines

"Making such dramatic changes to the power grid requires an overarching vision of how to accomplish the task, and this updated Framework advances that vision. Utilities, manufacturers, equipment testers and regulators will find essential information... that was not previously available..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

NIST Seeks Feedback on Wireless Security Guides

November 07, 2011 Added by:Headlines

The NIST has issued two new guides addressing issues with wireless security. The first guide focuses on Bluetooth security, while the second looks at wireless local area networks. The NIST is seeking public comment on the guides via email with a November 10th cutoff for submissions...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

NYSBA Releases E-Discovery Best Practices Guidelines

November 04, 2011 Added by:Headlines

The guidelines are organized in a systematic fashion covering topics applicable to electronically stored information before, during and after e-discovery has occurred and includes coverage of legal holds, adequate preservation, investigations, duty to preserve, inadvertent alteration...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »