October 1, 2018 | Tools & Templates | Enterprise and IT Compliance Management
All security teams moving to the public cloud should adopt cloud-specific security standards. In this Ask-an-Expert written response, IANS Faculty Matthew Chiodi recommends using ISO/IEC 27001 and 27017 as a foundation, and then customizing from there.
Creating a data governance program requires long-term thinking; it's a practice, not a project. In this Ask-an-Expert written response, IANS Faculty Josh More lists the key steps for building a successful program.
HIPAA has an addressable requirement for encrypting data at rest, but how are organizations expected to comply? In this Ask-an-Expert written response, IANS Faculty Mike Pinch say HIPAA doesn't provide detailed guidance but the best strategy is to match your encryption to the attacks it's designed to prevent.
China's cybersecurity laws present strong implications for all companies doing business in and with the country. In this update to an Ask-an-Expert written response, IANS Faculty Aaron Turner explains the laws and offers recommendations for securely doing business in and with the country.