There is a rapid enterprise movement toward the cloud, and yet such movement has remained uncoordinated. Gartner estimates that less than one-third of enterprises have a documented cloud strategy. This has led to an explosive growth in Shadow IT and Shadow data as well as application development that is uncoordinated and inefficient. When it comes to the current security landscape, Gartner research has identified that SaaS applications are often...

The Federal Trade Commission (FTC) and the Office for Civil Rights (OCR) have jointly released a guide on the importance of complying with both HIPAA and the FTC Act. The guide reminds healthcare organizations to comply with both regulations as investigations or fines for non-compliance are assessed independently by each agency. The document re-asserts the FTC’s authority over HIPAA-covered entities. It is yet another instance where the FTC is...

The PCI Security Standards Council (SSC) recently compiled some resources on how to create a Culture of Cybersecurity. These resources reflect changes made to the PCI Data Security Standards (DSS) that require executive responsibility for data security. The PCI SSC regularly updates its standards based on feedback from the PCI Council’s more than 700 global participating organizations as well as data breach report findings and industry changes. The most recent release...