The new virtualization guidance issued by the PCI Security Standards Council urges organizations to take a risk-based approach when dealing with virtualization methods, especially within cardholder data environments.
Security experts at this week's Gartner Security and Risk Management Summit agree: Security, not compliance, has to be the new focus. Cyberintrusions cannot be stopped, and the RSA breach should be a lesson to the industry.
Organizations are starting to adapt to cloud computing, but they're hesitant about placing their core assets in the online environment, according to results from the 2011 ISACA IT Risk/Reward Barometer.
What's the top threat on the minds of global IT leaders? Employee-owned mobile devices - or BYOD (bring your own device), as the trend is known. The struggle: Do mobile device benefits outweigh the organizational risks?
Organizations looking to improve their privacy management in the event of a breach "have to continually plan and prepare," says Nationwide's Chief Privacy Officer Kirk Herath. That means putting into writing a comprehensive plan.
Kirk Herath, Chief Privacy Officer at Nationwide Insurance Companies, has been in privacy management for more than a decade, and he has two main concerns about today's enterprise: Mobile technology and cloud computing.
When it comes to hot topics, they don't get hotter than authentication, cloud computing and IT governance - all of which I've discussed at length in recent interviews with industry thought-leaders. Let's review some highlights from these conversations.
Globally, countries and organizations now recognize the need for a unified approach for managing IT infrastructure services, says Marlin Pohlman of the Cloud Security Alliance. The trick is developing this new set of global standards.
"On a global basis, countries are recognizing that they need a uniform commercial code, if you will, for data - a unified approach for managing IT infrastructure services," says Marlin Pohlman of the Cloud Security Alliance.
Globally, cloud computing is embraced as a practice beings great cost and technology efficiencies to financial institutions. But count Singapore among the nations that is proceeding cautiously while addressing security concerns, says James Lee of Trend Micro Inc.
Top executives seek the CISO's advice to help determine whether cloud computing benefits outweigh the risks. Here are the top five cloud security risks and concerns CISOs must discuss with their leaders.
Altra Federal Credit Union developed a calculated strategy before moving to the cloud -- advice all financial institutions should follow, says Brian Boettcher, VP of IT, who shares his lessons learned.
Topics to be addressed at the NIST cloud computing forum include the cloud's trustworthiness and standards. Google Chief Internet Evangelist Vint Cerf and NIST Director Patrick Gallagher also will speak.