The Compliance Authority Synopses

Staying Abreast of Regulations in a Global Environment – In this article Caroline Vitse, MSP TechMedia talks about the need to stay informed about the new government regulations, standards, and guidelines. She explains how the new mapping tool, UCF can help companies to track the different regulations and map the overlaps between them. She also explains the advantages of using IT-GRC tools to manage the many IT-GRC initiatives at one place. She concludes that the tools for managing regulations are available but at first companies need to be aware of the rules before doing anything with the tools.

Mobility and Security – Mathieu Gorge, CEO, VigiTrust in this article elucidates the frightening security concerns of mobile technology. He points out the increased risk levels as regards to unwired corporate communication tools and explains the different measures to address the risks posed by mobility devices.

Heading off the Next Big Breach – This article by Ryan Rhodes looks at data breaches happening within the companies, the need for strict policing the activities of the privileged users and the measures to tackle the security breach by privileged users.

Increasing Your Risk IQ – Mathieu Gorge, CEO, VigiTrust in this article elucidates with examples about data loss, theft, and leakage incidents. He explains the different measures to ensure data protection i.e. data classification policies, data protection and retention policies, and Acceptable Usage Policies (AUPS). He also throws light on as to whether the regulatory frameworks and industry standards really adds value to the problem of data protection.

Security during the M&A Project Lifecycle – This article by Mathieu Gorge, CEO VigiTrust throws light on the different phases of the M&A projects, security related risks associated with each phase, and the different ways to maintain security levels for M&A projects. He also lists the usual mistakes that must be avoided during the M&A lifecycle to ensure that the security levels are maintained.

The Future of Security Standards & Regulatory Frameworks to be presented by Mathieu Gorge, CEO, VigiTrust

This webinar will provide a review of key industry and legal security mandates and suggests a simple framework to help organizations with their compliance effort.

Abstract:
The intent or desire of governments and industry bodies to regulate how data is to be protected is clear. Given the current economic climate where governments end up owning critical financial assets as well as critical infrastructure, we can expect stricter implementation of data security mandates as well as new regulations over the next 18-24 months. The proposed US consumer protection laws initiated by the Obama administration as well as the proposed EU data breach disclosure laws will also put more emphasis on businesses to protect sensitive data. What is required is a “healthy” and balanced mix of pre-emptive data protection controls together with data breach notification frameworks rather than either of the aforementioned. How does an international organization achieve and maintain compliance with data security mandates?

Recommend Attendees:
CSO, CISOs, CEOs, Compliance Officers, PCI DSS Project Managers

This first webinar coming up in October will be a part of a series of webinars.  In addition, this part of "The Data Regulation Webinar Series" includes

Coming up in October: 
      ii) The Evolution of State Regulation into Federal Regulation e.g. 201 CMR 17:00 in Massachusetts and the Implications for Other States.  This is important for companies who are deciding what regulations they need to be ready for. 

Coming up in November:
     iii) EU Data Protection vs. US Privacy Regulation.  To be presented by Mathieu Gorge and another expert, it throws light as to how the US based organizations deal with the EU regulatory regimes.

Any questions or comments? We'd love to get your feedback. We're also interested in new submissions. Please contact us at editor@thecomplianceautority.com.
The Compliance Authority Editorial Staff

>>>>>>>>>>>>>>>>>>>>>>>>>>>
If you would like to be removed from The Compliance Authority's weekly email distribution, please reply to this email with REMOVE in the subject line.