Archive for the ‘Training & awareness’ Category

« Older Entries
Newer Entries »

Business Info Fact Of The Day: International Data Privacy Day Is January 28, 2009

Sunday, January 11th, 2009

It is almost time, once more, for international Data Privacy Day; January 28, 2009!
Don’t just sit there; plan something to make your personnel, your family and friends, and/or your community more aware of privacy issues and concerns!
Here are a few ideas to get you started:

(more…)

Tags:, , , , , , , , , , , ,
Posted in Privacy and Compliance, Training & awareness | 3 Comments »

Audit’s Role in Privacy Breach Response

Monday, January 5th, 2009

Next week, on Wednesday, January 14, I will be in Minneapolis, MN speaking at the Minneapolis Gateway Hotel for the ISACA Winter Quarterly Meeting/Social.
My topic will be, “Internal Audit’s Role in Responding to Privacy Breaches.”
Here’s a synopsis…

(more…)

Tags:, , , , , , , , ,
Posted in Privacy Incidents, Training & awareness | No Comments »

Information Security & Privacy Training Should NOT Be Optional

Monday, December 22nd, 2008

Over the past couple of weeks I’ve heard three different information security and privacy officers talk about making information security and privacy training within their organizations optional…not required…for personnel who have access to information assets and personally identifiable information (PII). Leaving training to the discretion of employees is very risky!

(more…)

Tags:, , , , , , ,
Posted in Information Security, Privacy and Compliance, Training & awareness | 1 Comment »

Use Case Studies To Make Learning More Effective

Friday, October 31st, 2008

I’m in the process of updating the case studies for the 2-day class I’m giving…TWICE…in the next few weeks, “Information Security and Privacy Convergence and Collaboration.”
First in Grand Rapids, Michigan, hosted by the Michigan InfraGard and the West Michigan Chapter of ISACA on November 12 and 13.
Second immediately following the CSI Annual conference in National Harbor, MD (just south of D.C.) on November 20 and 21…

(more…)

Tags:, , , , , , , , , ,
Posted in Training & awareness | No Comments »

Use Case Studies To Make Learning More Effective

Friday, October 31st, 2008

I’m in the process of updating the case studies for the 2-day class I’m giving…TWICE…in the next few weeks, “Information Security and Privacy Convergence and Collaboration.”
First in Grand Rapids, Michigan, hosted by the Michigan InfraGard and the West Michigan Chapter of ISACA on November 12 and 13.
Second immediately following the CSI Annual conference in National Harbor, MD (just south of D.C.) on November 20 and 21…

(more…)

Tags:, , , , , , , , , ,
Posted in Training & awareness | No Comments »

Use Case Studies To Make Learning More Effective

Friday, October 31st, 2008

I’m in the process of updating the case studies for the 2-day class I’m giving…TWICE…in the next few weeks, “Information Security and Privacy Convergence and Collaboration.”
First in Grand Rapids, Michigan, hosted by the Michigan InfraGard and the West Michigan Chapter of ISACA on November 12 and 13.
Second immediately following the CSI Annual conference in National Harbor, MD (just south of D.C.) on November 20 and 21…

(more…)

Tags:, , , , , , , , ,
Posted in Training & awareness | No Comments »

Create A Clear Education Strategy BEFORE Asking Executives for Training and Awareness Support

Wednesday, October 29th, 2008

Information security, privacy, and compliance practitioners must obtain the support of executive management to be successful. So how do you do this?
I talk about this in the first section of the first article of my October issue of “IT Compliance in Realtime Journal.”
Here is the unformatted version of the first section of the first article; download the PDF to see a much nicer-looking version…

(more…)

Tags:, , , , , , , ,
Posted in Information Security, Privacy and Compliance, Training & awareness | No Comments »

Insider Threat Example: Obama’s Campaign Folks Make Email Mistake

Wednesday, October 15th, 2008

No matter how much technology you throw at trying to prevent security incidents, the weakest link in the organization, your personnel (who could be your strongest link with effective training and ongoing awareness) can defeat that security technology.
On purpose, because of lack of knowledge, or by making a plain ol’ mistake.
And EVERYONE makes mistakes. Fewer if they are more diligently aware though.

(more…)

Tags:, , , , , , , , , , ,
Posted in Information Security, Training & awareness | No Comments »

Info Security & Privacy Convergence in Michigan!

Friday, October 10th, 2008

I just realized that I have not yet posted about providing our “Information Security and Privacy Convergence and Collaboration” 2-day training class that I’ll be co-teaching with Chris Grillo in Grand Rapids, MI on Wednesday, November 12, 2008 AND Thursday, November 13, 2008 See more about it here.

(more…)

Tags:, , , , , , , ,
Posted in Training & awareness | No Comments »

Information Security and Privacy Convergence and Collaboration

Monday, October 6th, 2008

Effectively addressing and coordinating privacy and information security initiatives has moved to the top of the list for companies maintaining customer and employee information. However, there are often gaps in communication and collaboration between Privacy and Information Security activities.
These gaps create more complexity and bigger challenges for companies to handle, as well as putting the organization at greater risk for incidents, along with contractual and regulatory noncompliance.

(more…)

Tags:, , , , , , , , , ,
Posted in Training & awareness | No Comments »

« Older Entries
Newer Entries »