- Compliance Regulation and Standard Requirements
- Data Breach Incident Management and Recovery
- IT Security Frameworks and Standards
- IT Security Jobs, Careers and Certification Training
- Information Security Risk Assessment: Methodology and Analysis
- Security Policies and User Awareness
-
Royal Holloway 2012: Designing a secure contactless payment system
In his Royal Holloway thesis, Albert Attard proposes a contactless payment system to make card-not-present credit card transactions more secure. Feature
-
Royal Holloway 2012: PCI compliance, cloud computing are a costly pair
It is possible to achieve PCI DSS compliance in a cloud environment, but it may not be cost-effective, as explained in this Royal Holloway article. Feature
-
The new EU data protection regulation: Planning for compliance
The new data protection rule will impact businesses worldwide. Discover quick wins for SMBs and projects for large businesses to move to compliance. Tip
-
Prep and test your Olympics 2012 security contingency plans
To maintain information security during the 2012 Olympics, security and IT contingency plans must be tested in several key areas. Tip
-
ICO fines Welsh health board £70,000 for patient record loss
For the first time, the ICO fines an NHS organisation for sending patient data to the wrong person. News | 11 May 2012
-
International computer crime requires an international response
As international computer crime increases in scope and organisation, countries must work together to reduce threats from global cybercrime. Opinion
-
Infosecurity 2012 Europe: Conference news and highlights
Get the latest news and important research from the Infosecurity 2012 Europe conference, including coverage on security threats and data breaches. Guide
-
Infosecurity 2012: ICO opposes mandatory data breach notification
Information Commissioner Christopher Graham calls mandatory breach disclosure for all companies unnecessary, saying voluntary disclosure is working. News | 26 Apr 2012
-
PCI assessor and CISO: Work together for the best PCI ROC
In a session at the SOURCE Boston conference, a PCI assessor and a CISO explain that there are ways to arrive at a report on compliance they can both appreciate. News | 19 Apr 2012
-
Privacy and electronic communications regulations: Guide to EU cookie compliance
Get advice for implementing PECR regulations requiring website owners to request users’ permission to place a tracking cookie. Guide
- VIEW MORE ON : Compliance Regulation and Standard Requirements
-
Royal Holloway 2012: An incident response process for armoured malware
An incident response process may be futile when dealing with today’s armoured malware, as explained in this Royal Holloway article. Feature
-
The new EU data protection regulation: Planning for compliance
The new data protection rule will impact businesses worldwide. Discover quick wins for SMBs and projects for large businesses to move to compliance. Tip
-
Opinion: LinkedIn hacking incident betrays users’ trust
Users are told to create strong passwords, but the LinkedIn hacking showed strong passwords are no defense when the application provider is attacked. News | 14 Jun 2012
-
ICO fines Welsh health board £70,000 for patient record loss
For the first time, the ICO fines an NHS organisation for sending patient data to the wrong person. News | 11 May 2012
-
Going after the middlemen in the fight against financial cybercrime
The FBI and SOCA successfully executed Operation hAVoC, going after the middlemen, or carders, in the fight against financial cybercrime. News | 10 May 2012
-
SOCA takes its website offline in DDoS response
Just days after SOCA shut down carder sites, the agency was the victim of a DDoS attack, leading SOCA to take its website offline. News | 03 May 2012
-
SOCA shuts down network of CVV sellers' carder sites
The Serious Organised Crime Agency shut down 36 CVV sellers who were selling stolen credit card and banking credentials to buyers around the world. News | 27 Apr 2012
-
Infosecurity 2012: Survey proves value of security awareness programme
According to the latest findings from PwC, better end-user security training can pay off in fewer breaches. News | 27 Apr 2012
-
Infosecurity 2012: ICO opposes mandatory data breach notification
Information Commissioner Christopher Graham calls mandatory breach disclosure for all companies unnecessary, saying voluntary disclosure is working. News | 26 Apr 2012
-
Prepare now for more stringent U.S. data privacy laws
U.S. data privacy laws will soon become more pervasive and more strictly enforced. Security teams should prepare their organizations for the new rules. News | 05 Apr 2012
- VIEW MORE ON : Data Breach Incident Management and Recovery
-
Royal Holloway 2012: An analysis of cloud security certifications
In his Royal Holloway 2012 thesis, Robert Farrugia analyses cloud security certifications and suggests ways organisations can reduce cloud risks. Feature
-
CESG Good Practice Guides (GPG)
Good Practice Guides (GPG) are documents created by the CESG, which provides guidance on aspects of information assurance (IA) to help organisations manage risk effectively. Definition
-
Jericho Forum
The Jericho Forum is a global organization formed to help members deal with the challenges of information security in an increasingly complex environment. Definition
-
Kitemark
Kitemark is a registered trademark owned and awarded by the British Standards Institution for products that have demonstrated standards for quality and safety. Definition
-
Security losing ground despite Web application development frameworks
-
Web application vulnerability statistics show security losing ground
New Web application vulnerability statistics show the number of vulnerabilities is rising, despite the use of Web application development frameworks. News | 08 Feb 2012
-
FTSE 100
FTSE 100 is an index of the financial performance of the 100 largest companies in the UK. Definition
-
Jericho founder: Get involved in plan for protecting identity online
Respected identity expert Paul Simmonds says the NSTIC's identity project needs European involvement, or it may not meet Europe's needs. News | 13 Jan 2012
-
Getting control of IT security documentation
Does your IT department feel buried under mountains of paperwork? Expert Michael Cobb shows an easy way to organise your IT security documentation. Tip
-
Industry groups offer conflicting options for protecting identity online
The Jericho Forum is promoting its strategy for protecting identity online, claiming its approach is superior to the NSTIC or vendors. News | 21 Dec 2011
- VIEW MORE ON : IT Security Frameworks and Standards
-
Division of CISO responsibilities may prevent burnout
CISO responsibilities can be overwhelming, according to a new IBM survey. One solution may be to divide the role into two jobs. News | 17 May 2012
-
CESG
CESG is the UK government's national technical authority for information assurance (IA). Definition
-
Cyber Security Challenge UK
Cyber Security Challenge UK is a not-for-profit British company that runs IT security-related competitions with the aim of attracting talented people to the IT security industry. Definition
-
Finding Mobile device security training courses for IT admins
Expert Davey Winder suggests some good security training courses for the IT administrator who must manage their organisation’s mobile devices. Ask the Expert
-
UK IT spending 2012: Security budgets show growth, CompTIA survey says
CompTIA found IT security budgets are growing for most UK organisations. However, UK IT managers report a shortage of skilled security professionals. News | 23 Mar 2012
-
Security policy and international employment laws for hiring overseas
Before opening an office abroad and hiring employees in other countries, learn how to adapt your security policy to international employment laws. Tip
-
Despite recruiting uptick, 2011 IT security pay rates remain flat
New figures show little fluctuation in IT security pay rates heading into 2012. However, recruitment is rising, along with contract staff hires. News | 12 Jan 2012
-
Information system security certification: Detailed list of certs
There are many information system security certification choices for security pros, IT staff and managers. This list helps you sort out the certs. Tip
-
Government publishes UK Cyber Security Strategy to protect public
The government’s UK cybersecurity strategy includes a new crime unit, more certifications, increased public education, and the creation of kitemarks. News | 28 Nov 2011
-
(ISC)2 promotes secure SDLC with 1000th CSSLP
(ISC)2 wants its CSSLP certification, focusing on secure software development, to help augment enterprises' secure SDLC programs. News | 07 Nov 2011
- VIEW MORE ON : IT Security Jobs, Careers and Certification Training
-
The new EU data protection regulation: Planning for compliance
The new data protection rule will impact businesses worldwide. Discover quick wins for SMBs and projects for large businesses to move to compliance. Tip
-
Using open source intelligence software for cybersecurity intelligence
Discover the information that may be leaking out of your organisation before hackers use it to launch an attack against your organization. Tip
-
Prep and test your Olympics 2012 security contingency plans
To maintain information security during the 2012 Olympics, security and IT contingency plans must be tested in several key areas. Tip
-
Office of Cyber Security and Information Assurance (OCSIA)
The Office of Cyber Security and Information Assurance (OCSIA) is part of the UK Cabinet Office, which sits at the centre of government. Definition
-
With mobile payments, security teams must move quickly
As employees make payments on their mobile devices, the security team must act quickly to ensure corporate assets remain secure. Tip
-
PCI assessor and CISO: Work together for the best PCI ROC
In a session at the SOURCE Boston conference, a PCI assessor and a CISO explain that there are ways to arrive at a report on compliance they can both appreciate. News | 19 Apr 2012
-
Privacy and electronic communications regulations: Guide to EU cookie compliance
Get advice for implementing PECR regulations requiring website owners to request users’ permission to place a tracking cookie. Guide
-
EU cookie regulations: Advice for firms in the US and other countries
Expert Alan Calder responds to a reader’s question: Must companies outside the EU change their websites to comply with EU cookie regulations? Answer
-
Defining a full security threat
How would you define a security threat? The correct answer could score the funding you need for your next security project. News | 12 Apr 2012
-
A compliance strategy for the controversial cookie opt-in regulation
Businesses face many concerns with the PECR cookie law. Compliance expert Alan Calder offers a compliance strategy for the cookie opt-in regulation. Tip
- VIEW MORE ON : Information Security Risk Assessment: Methodology and Analysis
-
The new EU data protection regulation: Planning for compliance
The new data protection rule will impact businesses worldwide. Discover quick wins for SMBs and projects for large businesses to move to compliance. Tip
-
“Click-for-tickets” fraud: Teaching users to sidestep Olympic scams
Attackers are expected to use the Games to foster email and Internet fraud. Learn how to help users sidestep Olympics-related scams. Tip
-
Why execs really need corporate security training
Senior executives may be the most likely to disobey all your hard-won corporate security training. Here are five reasons why. News | 31 May 2012
-
Creativity in information security awareness training
Information security awareness training programs must be creative and visually compelling to grab users’ attention and ensure they remember the security lessons. News | 03 May 2012
-
Adding cybercrime software demos to security awareness training
Security professionals can use screenshots of cybercrime software in security awareness training to convey the serious threats organisations face. Tip
-
International computer crime requires an international response
As international computer crime increases in scope and organisation, countries must work together to reduce threats from global cybercrime. Opinion
-
Infosecurity 2012: Survey proves value of security awareness programme
According to the latest findings from PwC, better end-user security training can pay off in fewer breaches. News | 27 Apr 2012
-
Infosecurity 2012: ICO opposes mandatory data breach notification
Information Commissioner Christopher Graham calls mandatory breach disclosure for all companies unnecessary, saying voluntary disclosure is working. News | 26 Apr 2012
-
ISBS 2012 report: Security slow to adapt to new technologies
PwC’s ISBS 2012 report, which will be presented at Infosecurity 2012, shows security teams react too slowly to threats from new technologies. News | 20 Apr 2012
-
Privacy and electronic communications regulations: Guide to EU cookie compliance
Get advice for implementing PECR regulations requiring website owners to request users’ permission to place a tracking cookie. Guide
- VIEW MORE ON : Security Policies and User Awareness