I just got off a 30-minute call that came unsolicited from a young-sounding man with a very thick Indian accent who, when I asked him his name, said it was Jason Anderson (doesn’t sound like an authentic name of someone from India). He told me he was calling me because there had been a lot of complaints in my area about malicious code damaging operating system software and he wanted to be sure my operating system was not impacted. (more…)
Archive for the ‘Uncategorized’ Category
HITECH Act: Breach Notification Is Necessary Based Upon Items Used In De-Identification
Wednesday, July 29th, 2009Continuing along the discussion of the HITECH Act this week, I want to consider a couple of questions I recently discussed with a CISO at a healthcare insurer about when breach notification is necessary…
Humorous Security Calendar
Wednesday, February 18th, 2009Check out a sample month of a humorous information security wall calendar that Rick Lawhorn created that “tracks notable breaches, infosec facts and viruses.”
Massachusetts Encryption Law Pushed Back Once More
Wednesday, February 18th, 2009Monday I received messages almost at the same time from Brandon Dunlap and Brett J. Byers; thanks Brandon and Brett!
They were notifying me of yet another delay in the Massachusetts law, “201 CMR 17.00: STANDARDS FOR THE PROTECTION OF PERSONAL INFORMATION OF RESIDENTS OF THE COMMONWEALTH”
As explained on the website:
Use This RBS Worldpay News Report For Training
Thursday, February 5th, 2009On November 8, 2008 more than 130 ATM machines in 49 cities throughout the world were hit by a group of cybercriminals during a 30-minute period.
Insider Threat & More Examples Related To Putting Info on the Internet
Saturday, December 13th, 2008Here are some more examples of the dumb things that folks (often times folks within your organization) put on the Internet that had some bad repercussions…remember, once you put something on the Internet, even for a short period of time, you might as well accept that it will be out there forever…
Medical Identity Theft Is On The Rise
Tuesday, September 9th, 2008For day 2 of Global Security Week I want to highlight the growing problem of medical identity theft…
100+ Hot Spots During A Short Drive Around Town
Monday, June 16th, 2008Last Friday my 8-year-old son and I looked for a wifi hotspot to work from while my 11-year-old son was at band camp for the day (I didn’t want to waste gas by driving all the 25+ miles back home, and then driving into town again to pick him up at the end of the day). We discovered the IHOP close by actually has free wireless access…I did not know that! So, we had lunch there and I did work while we ate.
P2P Security Study Released
Monday, April 28th, 2008Insider Threat, the Value of Computer Logs & the Need for Consistent Policy Enforcement
Monday, December 3rd, 2007In recent years many organizations have implemented the use of computer logs on their networks to be in compliance with multiple laws. However, here’s a perfect example of the value of computer logs beyond just to be in compliance; using them for one of the things they were meant to do…catch inappropriate activity and provide evidence that a specific person is doing something inappropriate or outright wrong.
A current news story documents how computer logs will likely cost a cop his pension and could point to evidence for his missing wife.
