We use cookies to deliver you the best experience on our website. By continuing to use our website, you consent to our cookie usage and revised Privacy Statement.

Filter By:



Recent Blogs & Podcasts

Insights Portal

\ GRC 

July 25, 2018 | Vendor and Partner Management
By Dave Shackleford, IANS Faculty

 Optimize Your Vendor Toolset

Security teams typically find they accumulate too many security tools, many of which may overlap in scope or provide less value over time. In this report, IANS Faculty Dave Shackleford explains how to put the right processes in place to ensure you continually re-evaluate your critical toolsets and more fully optimize your operations. 

Read More »

July 19, 2018 | Regulations & Legislation
By Josh More, IANS Faculty

 California’s New Privacy Law: Impacts and Advice

In late June, California rushed the nation’s first modern privacy law to completion.  In this report, IANS Faculty Josh More explains the timing and specifics of the law, how it stacks up against the EU's GDPR and how organizations can ensure they become compliant by the time the law comes into force in January 2020.

Read More »

July 17, 2018 | Encryption, Digital Signatures, Certificates, Tokenization
By Josh More, IANS Faculty

 Blockchain and Digital Currencies: Why They Matter Now

Blockchain and digital currencies are hot topics in the news and the board room, but security teams are just now putting them on their radar. In this report, IANS Faculty Josh More details how the technologies work, how the system is being exploited and what organizations can do to protect themselves.

Read More »

June 19, 2018 | Encryption, Digital Signatures, Certificates, Tokenization
By Aaron Turner, IANS Faculty

 Three Success Factors for SSH Key Management

Despite the fact that most enterprises use hundreds of thousands of SSH keys on a regular basis, few have the right pieces in place to manage them effectively. In this Ask-an-Expert written response, IANS Faculty Aaron Turner says successful SSH key management depends on three factors: strong configuration management, mature service management and effective policy management.

Read More »

June 15, 2018 | Regulations & Legislation
By Mark Clancy, IANS Faculty

 Tackling the New York State Department of Financial Services (NYDFS) Cybersecurity Requirements

While the bulk of the new NYDFS cybersecurity requirements took effect in March, rules on audit logging, application security, data retention and risk based monitoring for staff with access to nonpublic information come into effect this September. In this webinar, IANS Faculty Mark Clancy addresses some of the major pain points such as data-at-rest encryption, continuous monitoring, and notification of “events." He also details strategies for complying with the NYDFS requirements right now, in the coming months, and looking ahead to the implementation date for third parties.

Read More »

June 13, 2018 | Risk Management

 Risk Acceptance Template

This template for a risk acceptance memo is designed both to drive discussion, and provide an opportunity for business stakeholders (e.g., the system owner, business owner, etc.) to understand and perhaps even challenge the associated risk assumptions, constraints and calculations.

Read More »