Auditors find that the SEC's IT office documented and incorporated National Institute of Standards and Technology patch requirements in its policies and procedures but that guidance wasn't always followed.
Looking ahead to the new year, Kristin Lovejoy of IBM says information security organizations face a host of global compliance issues - and the complexity of this challenge may be the biggest task of 2011.
Governance, risk and compliance - GRC - are priorities for information security leaders of all organizations. And these priorities have only been underscored by the economic recession and elevated scrutiny of businesses and government agencies.
In an exclusive interview on GRC trends, Chris McClean, analyst with...
Interview with Jennifer Bayuk, Former CISO at Bear Stearns & Co.
Governance is a term increasingly used in financial institutions, as banking/security leaders try to introduce new processes and disciplines to their organizations.
In this exclusive interview, Jennifer Bayuk, an information security specialist...
Interviews Shed Light on Topics of Unique Interest to Banking/Security Executives
The annual RSA Conference is a showplace for the who's who of security solutions vendors. The event showroom is lined with scores of the industry's leading vendors - no one individual could hope to see them all.
So, the Information...