Security Awareness Training Blog

Compliance Blog

Compliance news as it relates to cybersecurity, who it affects, and how to stay compliant.

View Topics

NISTs New Approach to Cybersecurity Standards

May 14, 2014 10:30:00 AM By Stu Sjouwerman
Applying Engineering Values to IT Security. The National Institute of Standards and Technology is developing new cybersecurity standards based on the same principles engineers use to ...
Continue Reading

4.8 Million Heftiest HIPAA Fine From Federal Regulators Yet

May 12, 2014 1:55:00 PM By Stu Sjouwerman
Federal regulators have issued a $4.8 million sanction, the largest HIPAA settlement to date, against two partnering New York healthcare organizations following a breach affecting just ...
Continue Reading

New Whitepaper: Improving the Compliance Management Process

Apr 13, 2014 8:27:00 AM By Stu Sjouwerman
We are excited to announce a new whitepaper that covers important compliance requirements that you are obligated to satisfy, provides some high level recommendations about what you can do ...
Continue Reading

Do you recognize yourself in The Compliance Curve?

Mar 7, 2014 3:57:00 PM By Stu Sjouwerman
Have a look at the curve here. Do you recognize yourself? It's the process that many IT pros told us they go through on a regular basis, much like Groundhog Day.  
Continue Reading

89% Fail To Maintain PCI Compliance Between Assessments

Feb 21, 2014 2:15:00 PM By Stu Sjouwerman
OUCH. Verizon said in a report this month that 89% of organizations that achieve annual compliance with the PCI Data Security Standard -fail- to maintain that status after passing the ...
Continue Reading

NIST Releases Voluntary Cybersecurity Compliance Framework

Feb 13, 2014 4:12:00 PM By Stu Sjouwerman
Continue Reading

The Relationship Between Compliance And Security

Feb 7, 2014 5:47:00 PM By Stu Sjouwerman
This venn-diagram illustrates the relationship between Compliance and Security in a funny way.
Continue Reading

Dont Let Your C-Level Execs Wind Up At Capitol Hill Like This

Feb 7, 2014 4:58:00 PM By Stu Sjouwerman
Continue Reading

CyberheistNews Vol 4, # 05

Feb 4, 2014 9:03:00 AM By Stu Sjouwerman
CyberheistNews Vol 4, # 05  
Continue Reading

The Gap Between PCI Compliance And IT Security

Feb 3, 2014 1:32:00 PM By Stu Sjouwerman
You may have seen this diagram before, and it's meant to be both entertaining and instructive. It is obvious to all of us that if your organization's focus is to "be compliant", the goal ...
Continue Reading

INFOGRAPHI​C: The Illusion of Personal Data Security in E-Commerce

Jan 30, 2014 9:25:00 AM By Stu Sjouwerman
Dashlane’s first quarterly Personal Data Security Roundup was released recently. The roundup takes a look at password policies of the top 100 e-commerce sites, and the results are ...
Continue Reading

Do You Automate Sending SMS/Text Messages For Marketing?

Jan 30, 2014 8:58:00 AM By Stu Sjouwerman
My friend Chip Cooper at digicontracts sent me this, and I think it's a good heads up for all of you. There is a common misconception that text/SMS messages are subject to the same ...
Continue Reading

PCI DSS 3.0 Compliance – What’s New? An Infographic…

Jan 19, 2014 9:27:00 AM By Stu Sjouwerman
Last month, the PCI Security Standards Council (PCI SSC) officially released the v3.0 compliance standards, but it will take some time before everyone involved (merchants, service ...
Continue Reading

Finally. Affordable Audit and Compliance Workflow Automation

Jan 8, 2014 1:13:00 PM By Stu Sjouwerman
Tampa Bay, FL (PRWEB) January 08, 2014
Continue Reading

KnowBe4 Grows 427% Year Over Year

Jan 1, 2014 9:21:00 AM By Stu Sjouwerman
Continue Reading

Did Being Compliant Just Get A Lot Easier?

Dec 26, 2013 4:10:00 PM By Stu Sjouwerman
Practically all of our customers need to be compliant with one or more regulations. Over the years they have told us that regular audits are taking up too much of their time, and that ...
Continue Reading

Data Security Laws And Penalties: Pay IT Now Or Pay Out Later

Dec 6, 2013 5:18:00 PM By Stu Sjouwerman
Continue Reading

CyberheistNews Vol 3, # 40

Sep 30, 2013 5:19:00 PM By Stu Sjouwerman
CyberheistNews Vol 3, # 40  
Continue Reading

The New PCI Standard V3: How To Align Your Security Program

Sep 27, 2013 1:54:00 PM By Stu Sjouwerman
August 2013, the PCI Security Standards Council published a heads-up about the new Version 3 and what is going to change. The standard will be introduced November 2013, but version 3.0 ...
Continue Reading

New Whitepaper: Legal Compliance Through Security Awareness Training

Aug 21, 2013 2:45:00 PM By Stu Sjouwerman
KnowBe4 and Micheal R. Overly Esq have published a brand new whitepaper.
Continue Reading
Subscribe

Search Our Blog


Domain Spoof Test Contest

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews