American Banker

Report Details PCI Compliance Options

Though a few large merchants fail to comply with the Payment Card Industry Data Security Standard, many rely on alternative compensating controls to pass muster, according to a report by Thales Group ...
CSOonline

Slow EDR Rollout Requires a NG-IDS Compensating Control

When Anton Chuvakin, then a Gartner Analyst, first coined the term endpoint detection and response (EDR) in 2013, most enterprises raced to replace antivirus (AV) with EDR. And that makes sense, as ...
JD Supra

Assessing Compliance Internal Controls – Part I

I have recently detailed the COSO 2013 Framework in the context of a best practices compliance regime. However there is one additional step you will need to take after you design and implement your ...
Computerworld

Sarbanes-Oxley: Technical enforcement of IT controls

Nov. 15 looms large for corporate executives who will soon have to certify compliance with Section 404 of the Sarbanes-Oxley Act. Their assertions on the effectiveness of internal controls over ...