ASSESSMENT

How can Infosec GRC Deliver Wins in Risk Management?

How can Infosec GRC Deliver Wins in Risk Management?

Information security (infosec) risk management can often seem overwhelming and hard. Organizations can spend considerable resources on infosec programs or solutions, yet they may have challenges in implementing commensurate and demonstrable …

read more
Patient Portals Make or Break

Patient Portals Make or Break

Like many other Health IT initiatives today, the primary driver for patient portals is regulatory in nature. Specifically, it is the Meaningful Use requirements related to view, download or transmit and …

read more
Hello PCI SSC… Can we rethink?

Hello PCI SSC… Can we rethink?

This is a detailed follow-up to the quick post I wrote the Friday before the Labor Day weekend, based on my read at the time of the PCI SSC’s Special Interest Group …

read more
Hello PCI SSC…

Hello PCI SSC…

Hello PCI SSC, You had me on board until I saw this statement in your guidance1 released yesterday. “However, using risk as the basis for an organization’s information security program …

read more