Archive for February, 2008

Promoting Science and Technology

Thursday, February 28th, 2008

I participate in the LinkedIn community, and I was intrigued this morning to find a question posted by Bill Gates (yes Microsoft Bill)!

“How can we do more to encourage young people to pursue careers in science and technology?”


Are You Taking The Panda Security Challenge?

Wednesday, February 27th, 2008

I was very intrigued to get an email yesterday from a security software vendor announcing a contest daring information security practitioners to find a malware-free network and they’ll give you $10,000.
Here’s the text of the message:


New HIPAA Security Information on the CMS website

Tuesday, February 26th, 2008

I just got a notice from the U.S. Department of Health and Human Services (HHS)…
New HIPAA Security Information on the CMS website


Great Information Security and Awareness Event Coming In April

Tuesday, February 26th, 2008

There’s a great information security and privacy awareness event coming up, Internet Safety Night on April 23, 2008, 6:30-8:30 p.m.


Have You Reviewed the FTC’s Proposed Privacy Principles Yet?

Monday, February 25th, 2008

If you are responsible for information security or privacy at your organization, and your organization does marketing, here is something you need to know about and discuss with your marketing folks. I blogged about this in December.


Example privacy breach response plan

Sunday, February 24th, 2008

Too few organizations are prepared to respond to a privacy breach when it happens. Too many naively believe a privacy breach will not happen to them.
It is helpful to look at existing privacy breach notice plans when creating your own. The U.S. government agencies actually provide some good plans you can use as examples.


Educational Security Incidents Year in Review 2007

Thursday, February 21st, 2008

Since I’m talking about “The Anatomy of a Privacy Breach” at Berkeley today, I thought it would be timely to point out a great resource that details the very many privacy breaches that occur within colleges and universities.


The Anatomy of a Privacy Breach

Wednesday, February 20th, 2008

Today I’m flying from the very frigid sub-zero temps of Iowa out to the University of California at Berkeley. I was invited to give a lecture, and considering the ongoing increase in privacy breaches, I chose to talk about “The Anatomy of a Privacy Breach.”


Insider Threat: Ex-Employee Takes Files To New Employer

Tuesday, February 19th, 2008

Here’s a good article for your files, and to point out to your legal counsel to point out the very real insider threat to information security and privacy…
A Massachusetts trial court recently ruled that the unauthorized transfer of electronic files is actionable as a conversion under Massachusetts’ common law.


Have You Looked In Your Trash Bins Lately?

Monday, February 18th, 2008

It shouldn’t still amaze me, but it does, how often so many organizations just dump huge amounts of printed paper containing tons of personally identifiable information (PII) right into their dumpster sitting behind their building, in the alley, or some other easily reachable public location.
Here’s yet another example of a business throwing away people’s privacy in their trash dumpster…