The State of Security

IT Compliance

HyperLogging: Preventing the Security Blindspot

by Cindy Valladares

In the security world, there are a LOT of things to keep track of on a daily basis. There is no shortage of legitimate security threats, not to mention all the mundane operational activities that need to be managed: OS/app patches, rogue access points, physical security, post-it notes with passwords (yes, I’m guilty here too)… [...]


How to Achieve Better Security

by Cindy Valladares

A few weeks ago I had the pleasure of interviewing Mike Dahn, Director of Risk and Compliance at PwC, and Josh Corman, Research Director of Enterprise Security at The 451 Group. The focus of our conversation was on what practical advice they could give to organizations that wanted to move beyond proving compliance validation to [...]


PCI DSS Compliance: More Carrot and Less Stick?

by Cindy Valladares

Or a less sexy title: does compliance with mandates such as Payment Card Industry Data Security Standard (PCI DSS) help reduce risks for organizations (the carrot) even though it’s costly and the consequences of non-compliance even costlier (the stick)?


Minding the Gap: Infosecurity Europe and BSidesLondon

by Cindy Valladares

This week I’ve been in London for two security shows: Infosecurity Europe and BSidesLondon. The two events are very different from each other, attracting not only different sponsors/vendors (in BSidesLondon there are sponsors; in Infosecurity there are vendors), but distinct audiences. For an organization like Tripwire, it’s good to be present at both types of [...]


Understanding the Cost of Compliance — Part IV

by Cindy Valladares

This is the fourth and final blog in my series of Understanding the Cost of Compliance, and I’ll discuss the per capita cost of compliance and non-compliance. The True Cost of Compliance report estimates the cost of compliance to be $3.5M and the cost of non-compliance to be $9.3M. In my conversations with practitioners, I’ve [...]


Understanding the Cost of Compliance — Part III

by Cindy Valladares

The True Cost of Compliance report finds that secure organizations have lower non-compliance costs. To measure security, the Ponemon Institute has developed a security effectiveness score. This methodology was developed over the last five years and used in over 40 studies by the Ponemon Institute. This index takes into account 25 best practices that help [...]
