http://mielesecurity.blogsome.com Information Security, Compliance and Regulatory Standards, Training & Certification Wed, 19 Apr 2006 07:23:42 +0000 http://backend.userland.com/rss092 en Well, for those of you who’ve been living on the ‘other side’ - i.e. those who don’t really have an interest in all things information technology, I’ve got some news for you. You need to be scared. Very, very scared. Unbeknownst to you, someone is probably using your computing resources, your personal ... http://mielesecurity.blogsome.com/2006/04/19/rootkits-why-theyre-an-increasing-problem/ Folks, we are going to Infosec Europe as participants for the first time. It should be a great gig, with more than 15,000 visitors (11,000 attended in ‘05). MIEL have a keynote speaker in Avinash Kadam, who will be providing information on what organizations should be looking for when hiring security ... http://mielesecurity.blogsome.com/2006/04/19/infosecurity-europe/ In the aftermath of Choicepoint and several other high profile incidents, where customer information was compromised, the US Congress issued some strong statements and passes a series of bills aimed at strict disclosures. In short, no more are disclosures going to be voluntary and part of good governance and transparency ... http://mielesecurity.blogsome.com/2005/11/16/mandatory-disclosures-for-security-breaches/ Banks worldwide have been scrambling to assess Basel II requirements, which come into effect in 2006. At the moment, most banks are identifying what they need to do to reduce their risk exposure and also testing solutios and processes to ensure that they are in line with their overall compliance ... http://mielesecurity.blogsome.com/2005/11/09/basel-ii-providing-incentives-to-reduce-operational-risk/ The folks at Purdue Uni along with the National Science Foundation are conducting a survey on Privacy - should take 5 - 15 minutes of your time and the results should provide some insight into how Privacy Compliance is being achieved and the comfort that an individual feels today ... http://mielesecurity.blogsome.com/2005/11/07/purdue-nsf-privacy-survey/ SOX compliance continues to be a pain area for many smaller companies seeking guidance on how not to run afoul of the regulators. There is a lot of debates in discussion forums, on consulting company newsletters on the approach and methodology and in boardrooms. Its a good idea to start with the ... http://mielesecurity.blogsome.com/2005/09/29/sox-breaking-it-into-manageable-parts/ California was the first state to come out with comprehensive legislation that required companies to implement adequate safeguards to protect privacy and security of information collected for business purposes. Termed SB1386, it heralded a new era in compliance and assurance legislation - and today, 18 US states have passed privacy ... http://mielesecurity.blogsome.com/2005/08/25/personal-data-privacy-and-security-act-2005-2/ There is some talk in companies about creating a new position to ensure regulatory compliance across the enterprise. The term being used for the moment is Chief Compliance Officer. According to Tech Target, this is a basic job description: Staying current with new and updated regulations. These may include state and federal ... http://mielesecurity.blogsome.com/2005/08/06/wanted-chief-compliance-officer/ Dear Folks - We would like to extend a warm welcome to all the infosec professionals who use this forum on behalf of MIEL’s Information Security Training Institute. From hereon, we will be posting topics relevant to infosec training here. Feel free to post your comments and feedback. Happy blogging! Abigail and RiOn http://mielesecurity.blogsome.com/2005/08/03/welcome-2/ In an earlier post, I have outlined a basic 3 step approach to Implementing HIPAA within your organization. http://mielesecurity.blogsome.com/2005/07/02/hipaa-compliance-a-basic-3-step-approach/ This information is provided for an audience seeking an overview of the Information Security requirements, as outlined in HIPAA. I hope this will be useful as a starting point towards compliance, particularly ... http://mielesecurity.blogsome.com/2005/08/03/hipaa-compliance/