This document establishes the policy for the Information Security Program at Western Illinois University (WIU). The formation of this policy is driven by many factors, including the need to protect ...

An information security framework, when done properly, will allow any security leader to more intelligently manage their organization's cyber risk. The framework consists of a number of documents that ...

This Written Information Security Program describes the safeguards implemented by DePauw University to protect confidential data. The goal of the program is to ensure the security of these assets to ...

The objective of Connecticut College in the development and implementation of this comprehensive written information security program (“WISP”) is to create and guide the implementation of effective ...

The University at Buffalo Information Security Office maintains an Information Security Incident Response Plan providing a framework which ensures information security incidents are managed ...

During my conversations with company leaders, I'm often asked how security measures can be improved. Usually, they mean their information security program, but sometimes they mean physical security ...

The management of information risk has become a significant topic for all organizations, small and large alike. But for the large, multi-divisional organization, it poses the additional challenge of ...

UPDATE: This story has been updated with comments from GSA. The General Services Administration is quietly placing new cybersecurity requirements on contracts that parallel the Defense Department’s ...

Every organization, regardless of size or the revenue it generates, needs a security program. According to a recent International Data Corporation (IDC) report, "By 2027, the average enterprise will ...

Drug and device manufacturers are increasingly targeted by cyber threats that can compromise patient safety, intellectual property, and other critical data and systems, while also facing new ...

The purpose of this policy is to assist the organization in its efforts to fulfill its fiduciary responsibilities relating to the protection of information assets and comply with regulatory and ...