Risk Management

Thu, March 15, 2012 - Research shows that CIOs rarely discover the internal security threats that can ruin companies, even though it frequently involves IT systems. Here's what needs to change.

Thu, March 15, 2012 - If your organizations has not implemented automated server access controls, you're exposing your business to risks ranging from compliance issues to insider fraud, corporate espionage and even nation-state sponsored attacks.

Tue, February 28, 2012 - Finance needs to expand the cope of competitive analysis to keep up, BDO says as it analyzes its annual survey.

Fri, February 24, 2012 - SSL certificates are a fundamental component of secure online transactions, but a new survey finds that a majority of organizations don't know where or how many certificates they actually have, and nearly as many lack an accurate idea of which certificates are about to expire. Venafi CEO Jeff Hudson says this increases organizations' operational, security and audit and compliance risk.

Fri, February 24, 2012 - After having founded a software security company, selling it to HP and then working for them, Roger Thornton gained valuable insight into the evolving IT security threat landscape. So, naturally, he left HP and took on a new role in an entirely different sector, where he is taking part in an initiative that aims to bring the security community to new levels of information sharing.

Thu, February 23, 2012 - Driven largely by compliance requirements for the Sarbanes-Oxley Act of 2002, many organizations are adopting a governance, risk and compliance (GRC) tools to help manage their activities in these three areas. GRC suites and toolsets automate the collection, correlation and reporting of information to offer a broader picture of how well the company is not only performing, but also how well it is complying with the law and managing risk.

Thu, February 23, 2012 - The complex and ever-changing security landscape can befuddle small businesses, and the plain truth is that there is no silver security bullet. Small businesses would be well-advised to deploy a multi-faceted security strategy. Here are eight must-have checklist items.

Wed, February 15, 2012 - Last year saw the rise of malware networks, distributed network infrastructures that exploit popular places on the Internet to repeatedly launch a variety of dynamic malware attacks. Blue Coat Labs has issued six best practices that can help organizations defend themselves against the threat.

Mon, February 06, 2012 - Few think of formal risk management in terms of incorrect data entry. They should.

Tue, January 31, 2012 - Michael Santarcangelo explains that by evading difficult issues, we actually increase our risk

Wed, November 30, 2011 - Security looks at operational risk, but most big companies have officers called risk managers who actually buy insurance policies for the company. What's on their minds? If you run a security operation, you should know, because your work and their work are intertwined.

Mon, November 07, 2011 - It's probably no big surprise to any of you, but the effectiveness of your organization's risk-management endeavors is directly related to your ability to navigate the quagmire known as corporate politics.

Tue, November 01, 2011 - Akamai Technologies CSO Andy Ellis talks about some of the things organizations need to consider in order to better manage risk.

Fri, October 28, 2011 - Woodforest National Bank implements a replication system for its virtualized data center in the Gulf Coast