Risks and Options to Control Mobile, Wireless and Endpoint Devices
Written by distinguished security industry analyst Mike Rothman of Securosis
This executive presentation gives an overview of how to protect your devices, defend your data, maintain and prove regulatory compliance, and manage your risks while embracing a wide range of mobile devices and apps.
Historically, one of the biggest problems with Payment Card Industry Data Security Standard (PCI DSS) compliance initiatives has been conducting them as one-off security efforts, treating the standard as a unique and independent set of requirements instead of integrating the requirements into a holistic GRC program.
Despite its growing maturity, simulation is still regarded by some as being complicated and impractical from a management perspective, even though the downfalls in static analysis of risk positions pertaining to business processes, projects, insurances or trading are well documented. Simulation is still perceived by some as an approach which involves too much data, too much expertise, and specialist skill sets to implement.
Focused on protecting corporate information as your workforce goes mobile, this CISO Handbook explains:
Organizations of all sizes are dealing with a deluge of security data feeds from disparate solutions – a primary problem being vulnerability scan data. Managing vulnerability data is messy.
Businesses today have a multitude of security tools and technologies spread across the enterprise. As a result, most IT organizations must work with a security posture cobbled together from so many individual solutions that it is impossible to get a unified view at any given point in time. Given the amount of data generated by security tools, vulnerability tools, policy violations, highly privileged access reviews, and more, organizations need a structured way to understand their security posture.
The Mobile Risk Insider newsletter is designed for Fixmo's customers and partners, as well as anyone in the industry who cares about mobile security, risk management and compliance. It will offer insights and editorial on the latest news and headlines from Fixmo as well as the worlds of mobile risk management and mobile security. Each issue will provide a snapshot of Fixmo's recent product announcements and updates, the top rated posts from our online blog, relevant industry news and more.
Over the past few years, organizations have become more focused on "being in control." They are increasingly—often forced by regulations—building and implementing processes that underpin the company's "In Control Statement". The inevitable extra costs and efforts are often seen as a burden, distracting people from what they should focus on: doing business!
In risk-intensive businesses like the energy sector, a new risk analysis and description methodology has become more and more popular – Bow Tie diagrams. The success of this diagram lies in its clear structure and simplicity, which is easy for the non-specialist to understand but still has sufficient depth for an expert discussion.
An increasingly common question is "How do I implement ISO 31000 with your Governance, Risk and Compliance (GRC) platform?" This white paper introduces in broad strokes the purpose and approach of ISO 31000.
In today's world of high uncertainty, rapid economic changes, and increasingly complex regulations, compliance has become a permanent part of doing business. Juggling the requirements of industry regulations, data privacy laws, and government mandates is no easy task, and maintaining ongoing compliance is complicated by constant changes, amendments, and overlaps. What's more, as regulations increase, the resources needed to comply with them increase as well – and so do the stakes.