The Shift from Regulation to Security Compliance within the Financial Services Industry

By: January 13, 2015

Enron and the other notorious big scandals from the early 2000s gave way to shape such regulations as Sarbanes-Oxley (SOX) and modernization of the Gramm-Leach-Bliley Act (GLBA). There was a global trend by investment banks to shift operations toward regulatory… Read More

Five Information Security Predictions for 2015 from CTO Harry Sverdlove

By: January 9, 2015

(Editor’s Note: this article also appears on It’s that time of the year, when information security professionals do their best Carnac impressions and give us insight into the year ahead. Looking back, 2014 has been a brutal year for… Read More

10 Information Security Predictions for 2015

By: January 8, 2015

In looking at the security landscape of 2015, there are a few things that I would not be surprised to see. (I will be sure to post a blog this time next year to see how I did.) 1 –… Read More

More Security Professionals Are Recommending Application Whitelisting

By: January 7, 2015

I’m seeing more evidence that organizations are adopting application control (i.e., application whitelisting) as part of a defense-in-depth strategy. Recent posts on the InfoSec Institute and TechRepublic websites are two such examples, and an article I recently co-wrote with Troy… Read More

How PCI DSS 3.0 Can Help Stop Data Breaches

By: January 6, 2015

By Troy Leach and Christopher Strand (Editor’s Note: this article also appears on Dark Reading.) The new Payment Card Industry Data Security Standard (PCI DSS) 3.0, effective January 1, raises the bar for security by encouraging a structured, predictable, and continuous… Read More

The Case for Wider Sharing of Threat Intelligence in 2015

By: January 5, 2015

(Editor’s Note: This article also appears on Threat intelligence is hot. Everyone is talking about it, trying to produce it or attempting to leverage it. But what exactly is it? And why is it gaining so much traction? While… Read More