Security Boulevard

Beyond Remediation: How Mitigation Controls Close the Gap in Segregation of Duties Compliance

Managing Segregation of Duties risk doesn’t always mean removing access. Sometimes, the smarter path is monitoring the risk you’ve chosen to accept.   The Segregation of Duties Compliance Challenge ...
CSOonline

Slow EDR Rollout Requires a NG-IDS Compensating Control

When Anton Chuvakin, then a Gartner Analyst, first coined the term endpoint detection and response (EDR) in 2013, most enterprises raced to replace antivirus (AV) with EDR. And that makes sense, as ...
Computerworld

Sarbanes-Oxley: Technical enforcement of IT controls

Nov. 15 looms large for corporate executives who will soon have to certify compliance with Section 404 of the Sarbanes-Oxley Act. Their assertions on the effectiveness of internal controls over ...
Forbes

The Critical Role Of Vulnerability Management In Compliance

Many organizations prioritize compliance, assuming it ensures security—but does it, actually? Vulnerability management should come first, as security is about proactively identifying and mitigating ...