Best Practices Security Awareness Training: It's Time to Elevate Its Importance In Your Information Security Program With the threat landscape changing quickly, security awareness training should ...

Keeping the information security management program (ISMP) current based on emerging threats, personnel changes, changes in infrastructure, risk assessments, policy updates and any other change ...

The information security program must be written in accordance with the size and complexity of the business, the sensitivity of the information, and the nature or scope of business activities.

The first goal listed in the new memo is for FedRAMP to “lead an information security program grounded in technical expertise and risk management.” The cloud modernization program “must be capable of ...

The role of the CISO is gaining in prominence. Are you ready? The reality is no longer “if” a company has been hacked, or ...

The Federal Trade Commission announced it will require web hosting company GoDaddy to introduce a "robust information security program" to settle charges that it has failed to protect its platform ...

As part of its information security program, the company must establish zero-trust principles, regular security reporting to the CEO, and employee training on data handling and security.

The U.S. Federal Trade Commission (FTC) has finalized an order requiring web hosting giant GoDaddy to secure its services to settle charges of data security failures that led to several data ...

[co-author: James O'Reilly]* North Dakota recently passed a law establishing new rules for certain financial companies operating in the state – specifically “financial corporations.” The new ...