Archive for the ‘Information Security’ Category

DHS IT Security EBK: Don’t Complain After They Are Published…Comment On Them While You Can!

Friday, November 30th, 2007

The Department of Homeland Security (DHS) recently released the draft “IT Security Essential Body of Knowledge (EBK)” for public comment and feedback.
This 45-page document outlines the skill sets the groups working with the DHS have determined as being necessary for different information security topics. Many information security folks asked why another information security EBK was necessary when there was already the CISSP Common Body of Knowledge (CBK).

(more…)

Email is for “Old People”: Do Lack of Laws Make IM and Texting Ripe for Exploiting Children & Teens?

Wednesday, November 28th, 2007

My 13-year-old niece wrote an article for me about social engineering, and I got a chuckle out of her writing, “Maybe I’m old-fashioned, but I only use email. I don’t have my own FaceBook site.”
Can you imagine email being old-fashioned?! Gosh, my hand-written letters must be prehistoric!

(more…)

Information Security and Privacy Leaders, Get Your Elevator Speeches Ready For Your CxOs!

Monday, November 26th, 2007

My father was the superintendent of the public school district where I grew up in Missouri. He was a very hands-on type of leader; when he was not filling out forms, writing reports, making plans, or in meetings he was out in the hallways seeing what was up with the students and teachers and making sure that all was well. And then the evenings were busy with basketball games, concerts or other school events. Those school employees, parents and students that were able to talk with him during opportune times in the hallway or in the bleachers during time-outs, and get their concerns or points stated succinctly and clearly, made a positive impression with my dad. He appreciated that they communicated their ideas and concerns clearly, and got right to the point.
If you had an opportunity to speak for a few minutes with your CEO, CFO, or other CxO, would you be prepared to communicate succinctly and clearly your concerns and state your points regarding the importance of your information security and privacy initiatives?

(more…)

7 More Reasons Why Sending Cleartext IM and Email Is *NOT* Secure Even If Your Doc Says It Is…Part 2

Wednesday, November 21st, 2007

As a continuation of my blog posting from Monday, here are 7 additional reasons to add to the previous 4 for why sending cleartext instant messages (IMs) and email is not secure:

(more…)

Sending Cleartext IM and Email Is *NOT* Secure Even If Your Doc Says It Is…Part 1

Monday, November 19th, 2007

I got some interesting comments and questions, and lots of good direct feedback, about my blog post on sending cleartext patient information last week, “HIPAA: Beware Doctors Who Claim They Don’t Have To Follow Safeguard and Privacy Requirements,” so I wanted to take this opportunity to discuss the topic a little more.

(more…)

A Lesson In IT Backup Media Management From Francis Ford Coppola

Friday, November 16th, 2007

As I was reading this week’s issue of Time magazine I found a backup lesson given by Francis Ford Coppola!

(more…)

HIPAA: Beware Doctors Who Claim They Don’t Have To Follow Safeguard and Privacy Requirements

Thursday, November 15th, 2007

My good friend Alec recently made me aware of a very interesting blog post made by a physician (thanks Alec!) that is frankly quite troubling.

(more…)

U.S. Federal Teleworking Report Reminds Us that Teleworking Saves Time and Resources, But Must Be Done With Safeguards In Place

Wednesday, November 14th, 2007

On November 6 there was an interesting hearing held by the U.S. Subcommittee on Federal Workforce, Postal Service, and the District of Columbia about teleworking in the federal agencies.
Considering the large numbers of privacy breaches occurring within government agencies involving mobile computing devices and storage devices, this caught my eye.

(more…)

5 Things To Do Next Week To Improve Information Security & Privacy

Friday, November 9th, 2007

It seems like my to-do list never gets shorter each day; only longer. This was even more true when I was responsible for the information security and privacy program within a large multi-national financial and insurance organization. It seemed the squeakiest wheel to-do items often got done, while other to-do’s that were very important, and often not that time-consuming, got put by the wayside, always put off until another week.

(more…)