The resource centre for busy senior executives seeking the latest insights into IT Compliance & Privacy issues for major organizations

Blogs from Industry-Leading Bloggers on Security, Compliance, Privacy and more


Part of the philosophy at Compliance and Privacy is to create a wide-ranging resource that crosses all the disciplines. Industry-leading blogs are part of that.

Tim Berners-Lee's Blog

Tim Berners-Lee, more properly Sir Timothy Berners-Lee KBE, FRS, FREng., is the Director of the World Wide Web Consortium, Senior Researcher at MIT's CSAIL, and Professor of Computer Science at Southampton ECS. He is one of the reasons Compliance and Privacy is here and visible - he invented the World Wide Web.

Go to Tim Berners-Lee's Blog


Tim Callan's SSL Blog

As Tim says on his blog: "Tim Callan is a product manager for VeriSign's SSL business unit. He is a longtime marketer of Internet and software solutions, a sometime entrepreneur, and a frequent writer and publisher of this and that. The opinions expressed in this blog are strictly his own."

Go to Tim Callan's Blog


Davis Wright Tremaine's Privacy and Security Law Blog

DWT has a panel of blogging lawyers:

  • Joe Addiego from San Francisco
  • Kraig Baker from Seattle
  • Brian Bennett from Seattle
  • Thomas R Burke from San Francisco
  • Kaustuv M Das from Seattle
  • Randy Gainer from Seattle
  • Bruce E H Johnson Head of the Privacy and Security Law Group
  • Lance Koonce (Editor), from New York City
  • Ronald G London
  • Peter Mucklestone from Seattle
  • Brian Wong from Washington DC

The range of topics covered by this panel is enormous.

Go to Davis Wright Tremaine's Blog.

Emergent Chaos Blog

Emergent Chaos is a group blog on security, privacy, liberty, and economics. We declared ourselves the Emergent Chaos jazz combo here

Adam Shostack is bandleader, and founded the blog.

Chris Walsh is longtime contributor, now posting on his own.

Arthur is the CISO of a very large company, which he prefers not to identify here.

Go to the Emergent Chaos Blog.

Michael Farnum's Blog

Michael says about himself:

I am a Security Engineer for a security consultant / reseller. I live in Houston, Texas. I have been in IT since 1994. I have been in the InfoSec field since 2000. I have the following security related certifications: CISSP, GSEC Silver, Security +.

Go to Michael Farnum's blog

Phillip Hallam-Baker's Blogs:

  • Phillip Hallam-Baker The dotFuture Manifesto: Internet Crime, Web Services, Philosophy (a personal blog)
  • Web Security Blog (a VeriSign blog)

Phillip Hallam-Baker is Principal Scientist at VeriSign. He has contributed to the design of many Web security protocols including HTTP and HTTP Digest Authentication, XKMS, SAML, WS-Security and OATH. His current research focus is preventing Internet Crime. He holds degrees from Southampton University and Oxford University and has held research appointments at DESY, CERN and MIT.

The two blogs are aggregated together, in date order. Where Phillip blogs as himself he says very clearly: "This is a personal blog and does not represent the views of any other party including my employer." You can tell whether he blogs as himself or for VeriSign by the destination of the links on the page.

Go to Phillip Hallam-Baker's "mixed" public and private blog

Stuart King's Security and Risk Management Blog

Stuart King blogs for Computer Weekly on Security and Risk Management topics.

Go to the Security and Risk Management Blog

David Lacey's IT Security Blog

David Lacey is a leading international authority on Information Security Management with more than 20 years professional experience of building Security and Risk functions for large organisations, including The Foreign & Commonwealth Office, The Royal Dutch/Shell Group and The Royal Mail Group. David is a keen futurist and innovator, firmly believing that the best way to predict the future is to invent it. Amongst other things, he developed much of the content for the British Standard BS7799 and he was a founding director of the Jericho Forum and the Institute for Information Security Professionals.

Go to David Lacey's IT Security Blog

The Metasploit Project Official Blog

The Metasploit Project's goal is to provide useful information to people who perform penetration testing, IDS signature development, and exploit research. The Metasploit Project Website was created to fill the gaps in the information publicly available on various exploitation techniques and to create a useful resource for exploit developers.

Go to the Metasploit Blog

Jeff Pettorino's Security Convergence Blog

Jeff Pettorino is a Senior Consultant for VeriSign Security Services. In his career history he has held the title of security engineer, data storage specialist, police officer, systems administrator, supervisor, contractor, writer, and philosopher. His consulting work focuses on network penetration testing, social engineering, physical security, and helping clients reach standards compliance.

Go To Jeff Pettorino's Security Convergence Blog

Jeff Richards's Demand Insights Blog

Jeff Richards is a Vice President in VeriSign's Information Services group (VIS). VIS is a market leader in providing next-generation infrastructure and real-time information in the Internet, Media, Retail and Healthcare markets. Jeff is a serial technology entrepreneur and Silicon Valley transplant currently posting from Northern Virginia, USA.

Prior to VeriSign, Jeff was President and CEO of R4 Global, an RFID industry leader acquired by VeriSign in May of 2005. Prior to R4, Jeff was a co-founder and executive at QuantumShift, an enterprise software and services provider in the telecommunications space. Prior to QuantumShift, Jeff was a management consultant with PricewaterhouseCoopers (now part of IBM).

Jeff has been featured in Forbes, CNET, Network World and other leading publications, and is a frequent speaker at major technology industry and investment forums. Jeff holds an AB from Dartmouth College and resides in Northern Virginia with his wife and two daughters.

Go to Jeff Richards's Blog

David Rowe's Risk Management Blog

SunGard executive vice president for risk management, David Rowe invites industry leaders to join a discussion community, offering thought leadership into all facets of risk management. Forward-looking commentary will be posted weekly by Mr. Rowe to open discussion, with industry participants invited to comment and contribute.

David says: “In recent years I have had many opportunities to discuss financial risk management issues with a wide range of academics and practitioners, often related to my monthly column in Risk magazine. It occurred to me that a blog would be an excellent way to extend these bi-lateral conversations to a multilateral framework open to all interested parties. For many of the topics we will cover, there will be no definitive answers. Nevertheless, a variety of perspectives and opinions often helps to clarify the problems that these issues inevitably raise.”

David is executive vice president for risk management at SunGard. In this role he advises SunGard customers and business units on risk management functionality and development priorities in their software applications. He also speaks frequently at industry conferences and seminars and writes a monthly column for Risk magazine. He is also co-chair of the PRMIA Education Committee and member of the London chapter steering committee.

Go to David Rowe's Blog

Bruce Schneier's Security Blog

Bruce Schneier is an internationally renowned security technologist and author. Described by The Economist as a "security guru," Schneier is best known as a refreshingly candid and lucid security critic and commentator. When people want to know how security really works, they turn to Schneier.

His first bestseller, Applied Cryptography, explained how the arcane science of secret codes actually works, and was described by Wired as "the book the National Security Agency wanted never to be published." His book on computer and network security, Secrets and Lies, was called by Fortune "[a] jewel box of little surprises you can actually use." His current book, Beyond Fear, tackles the problem

Go to Bruce Schneier's Blog

Larry Seltzer's Security Blog

Larry Seltzer is the editor of Security Center. He writes an occasional blog on security matters taken from the articles.

Larry brings a wry view to the security arena, and often pours scorn on establishment opinions. That's precisely why we feature his weblog.

Go to Larry Seltzer's weblog

Mike Spinney's Private Communications Blog

Mike Spinney, CIPP, is principal of the communications consultancy SixWeight, and has more than fifteen years' experience providing strategic communications counsel to business organizations. His resume includes a stint with the U.S. Navy's intelligence service, many years as a public relations flack, and occasional turns as a writer. From 2003 to 2005 he served with the International Association of Privacy Professionals as editor of the group's monthly member newsletter, the Privacy Advisor, and manager of the IAPP's communications program. Since that time Spinney has immersed himself in leading privacy issues, earned professional credentials as a Certified Information Privacy Professional, and became a respected voice within the community of privacy professionals.

Today, Spinney is a writer and independent communications consultant, providing privacy-savvy counsel to his clients. He is a member of the prestigious Ponemon Institute, co-chair of the IAPP's Boston chapter, and a member of the Merrimack Valley Venture Forum. Spinney is a monthly contributor to the 1to1: Privacy newsletter, maintains his privacy blog, Private Communications, and is an opinionist for  His byline has appeared in a variety of publications, including Inc., Cigar Aficionado, RFID Journal, Robb Report, Interface Tech News, TIDE, and Portland Magazine, to name a few.

Go to Mike Spinney's Blog

Richard Stiennon's Threat Chaos Blog

Richard Stiennon is founder and chief research analyst at IT-Harvest Inc. He is responsible for setting strategic direction as well as editorial coverage at this independent Information Technology research firm. Richard leads IT-Harvest in its efforts to compile the first comprehensive knowledgebase of the entire IT security market. Prior to joining IT-Harvest, he was VP of threat research for Webroot Software, Inc., the leading commercial anti-spyware solution.

Go to Richard Stiennon's Blog

The TechWeb Blog

A more technical blog from TechWeb that includes compliance, privacy and security, and extends into wider fields such as Phisheries Protection, worms, scams and other areas.

Go to the TechWeb Blog

Tim Trent's "Marketing by Permission" Blog

Tim has a long record in the Telemarketing and consultancy arena and was one of the first proponents of Direct Marketing in the UK as a business to business tool. At Gartner between 1998 and 2003, the world's largest IT research, measurement, consulting and event organisation, Tim was the global expert in EEC Data Privacy legislation and compliance, driving global compliance with national legislation. A good proportion of Gartner's published Data Protection Compliance research is published around Tim's work as Gartner's Chief Privacy Officer for Europe, Africa and the Middle East. He is one of Europe's leading experts in compliance with data privacy regulations, and is in the forefront of implementing Permission Based Marketing. He publishes regular articles on Data Protection.

He tries to blog daily, and brings a unique insight to matters of Data Privacy.

Go to Tim Trent's Blog

Rebecca Wong's "DP Thinker" Blog

Rebecca has a commentary on Data Protection, usually with a United Kingdom bias. She is a Lecturer in law at Nottingham Trent University. Recent works include assisting the European funded project, PRIVIREAL, which aimed to examine the implementation of the Data Protection Directive 95/46/EC in relation to medical research and the role of ethics committees.

Currently exploring the implications of outsourcing and data protection. If you have views on this subject, please email her.

DP Thinker is a UK based cyberblog by a legal scholar, specialising in privacy and data protection developments (be it within Europe or the US). Any feedback/views to postings on DP Thinker are always welcome.

Publications to Date

  • Wong, R. The shape of things to come: Swedish developments on the protection of privacy, Script-Ed, (2005), 2.
  • Wong, R. Privacy: charting its developments and prospects In: Klang, M. & A. Murray, Human Rights in the Digital Age, January 2005.

Go to Rebecca Wong's Blog

Please note: Blogs contain items that are the responsibility of the author and are presented "as is" with no endorsement from, nor editing by, nor approval from or its sponsors, VeriSign. Blogs are dynamic. We offer them in good faith, but, where the content is outside our control we cannot be responsible for their errors, omissions or other conduct.


This site is independent of all its sources
The contents of the site are sourced from across the industry. All copyrights are acknowledged.