Security Awareness Training Blog

Compliance Blog

Compliance news as it relates to cybersecurity, who it affects, and how to stay compliant.

View Topics

Federal Contractor? Insider Threat Training Deadline June 1- Don't Lose Your Clearance

Jun 7, 2017 4:38:21 PM By Stu Sjouwerman
Insider Threat Training Requirement for US Gov't Contractors (Deadline May 31, 2017) SANS just alerted US federal contractors that wish to maintain their clearances must have completed an ...
Continue Reading

Cybersecurity Top Risk Consideration In Board Room

Dec 31, 2014 2:23:30 PM By Stu Sjouwerman
The Wall Street Journal polled its readers and asked them to rate the top compliance issues of 2014. The answers were very interesting! 
Continue Reading

PCI Publishes Guidance On Security Awareness Training

Nov 1, 2014 11:46:00 AM By Stu Sjouwerman
The Payment Card Industry Council thinks Security Awareness Training is so important that they just published a 25-page guidance paper that fully explains the why, how and what of ...
Continue Reading

Federal Compliance Rules Skyrocket

Jun 22, 2014 1:24:00 PM By Stu Sjouwerman
Underscoring the difficulty of compliance management in the context of just US federal rulemaking – not to mention rules published by state, local and other governments and organizations ...
Continue Reading

NISTs New Approach to Cybersecurity Standards

May 14, 2014 10:30:00 AM By Stu Sjouwerman
Applying Engineering Values to IT Security. The National Institute of Standards and Technology is developing new cybersecurity standards based on the same principles engineers use to ...
Continue Reading

4.8 Million Heftiest HIPAA Fine From Federal Regulators Yet

May 12, 2014 1:55:00 PM By Stu Sjouwerman
Federal regulators have issued a $4.8 million sanction, the largest HIPAA settlement to date, against two partnering New York healthcare organizations following a breach affecting just ...
Continue Reading

New Whitepaper: Improving the Compliance Management Process

Apr 13, 2014 8:27:00 AM By Stu Sjouwerman
We are excited to announce a new whitepaper that covers important compliance requirements that you are obligated to satisfy, provides some high level recommendations about what you can do ...
Continue Reading

Do you recognize yourself in The Compliance Curve?

Mar 7, 2014 3:57:00 PM By Stu Sjouwerman
Have a look at the curve here. Do you recognize yourself? It's the process that many IT pros told us they go through on a regular basis, much like Groundhog Day.  
Continue Reading

89% Fail To Maintain PCI Compliance Between Assessments

Feb 21, 2014 2:15:00 PM By Stu Sjouwerman
OUCH. Verizon said in a report this month that 89% of organizations that achieve annual compliance with the PCI Data Security Standard -fail- to maintain that status after passing the ...
Continue Reading

NIST Releases Voluntary Cybersecurity Compliance Framework

Feb 13, 2014 4:12:00 PM By Stu Sjouwerman
Continue Reading

The Relationship Between Compliance And Security

Feb 7, 2014 5:47:00 PM By Stu Sjouwerman
This venn-diagram illustrates the relationship between Compliance and Security in a funny way.
Continue Reading

Dont Let Your C-Level Execs Wind Up At Capitol Hill Like This

Feb 7, 2014 4:58:00 PM By Stu Sjouwerman
Continue Reading

CyberheistNews Vol 4, # 05

Feb 4, 2014 9:03:00 AM By Stu Sjouwerman
CyberheistNews Vol 4, # 05  
Continue Reading

The Gap Between PCI Compliance And IT Security

Feb 3, 2014 1:32:00 PM By Stu Sjouwerman
You may have seen this diagram before, and it's meant to be both entertaining and instructive. It is obvious to all of us that if your organization's focus is to "be compliant", the goal ...
Continue Reading

INFOGRAPHI​C: The Illusion of Personal Data Security in E-Commerce

Jan 30, 2014 9:25:00 AM By Stu Sjouwerman
Dashlane’s first quarterly Personal Data Security Roundup was released recently. The roundup takes a look at password policies of the top 100 e-commerce sites, and the results are ...
Continue Reading

Do You Automate Sending SMS/Text Messages For Marketing?

Jan 30, 2014 8:58:00 AM By Stu Sjouwerman
My friend Chip Cooper at digicontracts sent me this, and I think it's a good heads up for all of you. There is a common misconception that text/SMS messages are subject to the same ...
Continue Reading

PCI DSS 3.0 Compliance – What’s New? An Infographic…

Jan 19, 2014 9:27:00 AM By Stu Sjouwerman
Last month, the PCI Security Standards Council (PCI SSC) officially released the v3.0 compliance standards, but it will take some time before everyone involved (merchants, service ...
Continue Reading

Finally. Affordable Audit and Compliance Workflow Automation

Jan 8, 2014 1:13:00 PM By Stu Sjouwerman
Tampa Bay, FL (PRWEB) January 08, 2014
Continue Reading

KnowBe4 Grows 427% Year Over Year

Jan 1, 2014 9:21:00 AM By Stu Sjouwerman
Continue Reading

Did Being Compliant Just Get A Lot Easier?

Dec 26, 2013 4:10:00 PM By Stu Sjouwerman
Practically all of our customers need to be compliant with one or more regulations. Over the years they have told us that regular audits are taking up too much of their time, and that ...
Continue Reading
Subscribe

Search Our Blog


Ransomware Has Gone Nuclear Webinar

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews