My long-time friend, Richard Power, recently published an article in CSO magazine about a recent study he and Jody Westby did at Carnegie-Mellon in his Cylab center…
Archive for the ‘Information Security’ Category
Study Highlights Too-Common Problem: Boards And Executives Do Not Understand Info Sec & Privacy Risk
Friday, December 5th, 200825% Of Workers Ignore Internet Use Policies
Wednesday, December 3rd, 2008A couple of days ago Asylum reported…
An SMB PCI DSS Learning Opportunity
Tuesday, December 2nd, 2008{Wow…love a chance to use 3 initializations in a row… 🙂 }
Over the past week I have been getting my holiday shopping done, almost entirely all online. I love to find unique stores, often small and medium sized businesses (SMBs) with interesting items, and I found one small store in Florida that makes some great, creative photo items at a reasonable price. Their online site was a little hard to navigate, though, so I spent a little time doing a bit of research about the store. They have been around since the 1980’s, and I could find no complaints about them. Their order form encrypted the input, but it was hard to figure out how to fill it in; I couldn’t get more than one photo uploaded to order more than one ornament, coffee mug, etc., at one time…
Info Sec and Privacy Concerns For Mobile Workers
Monday, December 1st, 2008A couple of weeks ago, while I was at the CSI Annual conference doing sessions and giving my 2-day class there, I took some time to do an interview with Mike Brennan at Michigan Tech News radio about the keynote I did the week before in Kalamazoo, MI; the podcast of it was just posted today…
A New Risk Management Standard Worth Looking At
Saturday, November 29th, 2008The bulk of data protection laws and regulations require that security and privacy controls be established based upon the organization’s existing and unique risks. Many organizations struggle to find a way to effectivevly determine the risks that exist for their businesses. Often what results is similar to taking a shot in the dark to determine risks.
Healthy Paranoia: A Nice Note That Brightened My Day!
Wednesday, November 26th, 2008Recently I was pleasantly surprised to receive the following message…
Healthy Paranoia: A Nice Note That Brightened My Day!
Wednesday, November 26th, 2008Recently I was pleasantly surprised to receive the following message…
Vishing Very Vicious
Sunday, November 23rd, 2008Ah, the fun and joys of texting, and everything else that accompanies cell phones and smart phones!
The dirty dogs who created phishing saw great opportunity to move their electronic social engineering scam to the phone to try and dupe anyone who falls for their seductive lures of saving large sums of money, winning huge pots of money, or otherwise seeing or participating in salacious activities and fun. Vishing criminals also try tactics of scaring you into giving them your personally identifiable information (PII) by threatening you with lawsuits, or worse.
Vishing Very Vicious
Sunday, November 23rd, 2008Ah, the fun and joys of texting, and everything else that accompanies cell phones and smart phones!
The dirty dogs who created phishing saw great opportunity to move their electronic social engineering scam to the phone to try and dupe anyone who falls for their seductive lures of saving large sums of money, winning huge pots of money, or otherwise seeing or participating in salacious activities and fun. Vishing criminals also try tactics of scaring you into giving them your personally identifiable information (PII) by threatening you with lawsuits, or worse.
Vishing Very Vicious
Sunday, November 23rd, 2008Ah, the fun and joys of texting, and everything else that accompanies cell phones and smart phones!
The dirty dogs who created phishing saw great opportunity to move their electronic social engineering scam to the phone to try and dupe anyone who falls for their seductive lures of saving large sums of money, winning huge pots of money, or otherwise seeing or participating in salacious activities and fun. Vishing criminals also try tactics of scaring you into giving them your personally identifiable information (PII) by threatening you with lawsuits, or worse.
