Risk Management

A legacy from the 1800s leaves Tokyo facing blackouts

East Japan entered its fifth day of power rationing on Friday, with no end to the planned blackouts in sight. The power shortages began last week when a massive earthquake and tsunami knocked nuclear power stations offline. The local...

Flash, DRAM prices spike on worries over supplies from Japan

Prices of widely used chips, including NAND flash memory and DRAM, have both risen sharply since the 9.0-magnitude earthquake struck and hurled tsunami waves at the northeastern part of Japan.

eGRC vs. IT GRC

Most analysts break the market down into two broad categories: IT GRC and Enterprise GRC (eGRC). The vendors generally don't make it any easier for potential enterprise customers, as the IT GRC players often claim they do eGRC, and...

IT GRC tools: Control your environment

As enterprises approach a high level of maturity in their IT governance, risk and compliance (GRC) programs, they face a conundrum: How can they effectively implement and manage policies and their supporting controls to maintain a...

5 ways to make sure you aren't the next Wikileak

Here are five key tips to help your government agency or enterprise avoid being the source of the next Wikileak.

What you missed: Deferred IT maintenance is a ticking time bomb

The No. 5 top sleeper tech story of 2010

Entertaining risk analysis

Risk management is, in a word, complicated. Hmmm... not strong enough – make that two words, it's extremely complicated.

IBM to acquire OpenPages

IBM is acquiring OpenPages, a privately-held company that makes risk management software. Terms of the deal were not disclosed.

The quiet threat: Cyber spies are already in your systems

Special report: Electronic espionage from China and others could be stealing your vital product and business information right now

IT pros: Lurking legal gotchas and how to avoid them

Ignorance and seemingly innocent activities can subject you to fines, lawsuits, and even jail. Here's how to play it safe

Gain the upper hand on governance and compliance with SaaS-based SecureGRC

Most of the governance, risk and compliance automation tools on the market are aimed at large enterprises with complex environments and deep resources. But smaller companies need governance and must meet compliance mandates, too. Now...

Top 6 IT skills employers are looking for

Last month Dark Reading posted an article by Kelly Higgins on Six Hot and Sought-After IT Security Skills. Based on interviews with hiring managers from recruitment firms, the IT security job market is booming and here are the top...

Security pros, meet your new best friend: the CFO

Executives in charge of information security should make friends with the CFO, who can give them a broad overview of corporate priorities and see to funding the most important IT projects that protect corporate data.

2010 tech forecasts: What the accurate analysts predict

New-year predictions are often iffy, but these firms were pretty accurate in their 2009 calls. Will they be right again?

Y2K: 10 years later

IT's first big public challenge remembered, its seriousness still debated -- and the 2038 'son of Y2K' bug still to occur

Open source: How e-voting should be done

An open source approach to open voting systems is essential to the integrity of our electoral process. Here's a technical blueprint for securing the vote

New regulations will soon swell IT workloads

Government's response to the financial meltdown will require major tech initiatives for compliance, despite the recession's cutbacks

SP 800-53 is essential for security in federal government IT systems

SP 800-53 (Appendix H) provides two-way mappings between security controls defined in SP 800-53 and security controls defined in international security standard ISO/IEC 27001, Information Security Management Systems

NIST SP800-53 Rev. 3: Risk Management Framework Underpins the Security Life Cycle

SP 800-39 also provides guidance for managing risk associated with the development, implementation, operation, and use of information systems.
