It really bothers me when so-called information security and privacy “experts” make statements that awareness activities have no impact. They base their opinions on measurements that could very well be, and likely are, unrelated to each other. Last year a study was presented in Europe claiming awareness activities has no impact on security.
Hogwash!
Archive for the ‘Information Security’ Category
Insider Threat Example: Engineer Leaks U.S. Military Secrets
Friday, May 11th, 2007There has been a lot of talk and blogging recently about whether or not there is a need for an information security industry/profession. Um sure, and there is no need for the physical security industry/profession either, is there?
As long as humans touch information in any way, electronically or physically, information security will be needed to provide them with policies, procedures, standards, guidance, training, ongoing awareness, and responding to and fixing the security messes and privacy breaches they cause.
Data Security: OECD Publishes New Privacy Guidelines for Accessing Data From Publicly Funded Research Projects
Sunday, May 6th, 2007On May 3 the Organization for Economic and Cooperation and Development (OECD) released a new 24-page guideline,”Principles and Guidelines for Access to Research Data from Public Funding” for organizations in governments throughout the world regarding access to data from publicly funded research projects.
Data Security: OECD Publishes New Privacy Guidelines for Accessing Data From Publicly Funded Research Projects
Sunday, May 6th, 2007On May 3 the Organization for Economic and Cooperation and Development (OECD) released a new 24-page guideline,”Principles and Guidelines for Access to Research Data from Public Funding” for organizations in governments throughout the world regarding access to data from publicly funded research projects.
Iowa Student Gets Internship from Google for Reporting Security Flaw: More Proof Vendors Need Stronger Security Checking For Their Products
Saturday, May 5th, 2007Last night while my sons and I were watching the news it was reported that in Davenport, Iowa a St. Ambrose University student, David Bloom, found a security flaw in early December when he was using the Google Docs and Spreadsheets program.
Reducing Attack Exposure for Internet-Facing Applications
Thursday, May 3rd, 2007Yesterday the Channel 12 news in Jackson, Mississippi reported a Kennesaw, Georgia business had its Internet-facing computer system hacked. That business’s application is “now generating thousands of counterfeit messages to businesses and consumers, purporting to be a complaint filed with the BBB.”
New Study: More Confirmation That Spam Costs Businesses Significant $$
Wednesday, May 2nd, 2007On April 2 Nucleus Research, Inc. released a study, “Spam: The Repeat Offender” which reports that, according to a survey of 849 email users, 90% of all email going into company networks is spam, and 66% of spam gets through corporate filters.
SOX Amendment Defeated: Information security and SMBs
Tuesday, May 1st, 2007Addressing Privacy: There Will Never Be a Technology-Only Solution Because of the Human Factors Involved
Sunday, April 29th, 2007Last week I had the pleasure of being interviewed by Jay Cline for a Computerworld article he was doing about small companies, such as mine, that provide privacy services to organizations.
Privacy: Surveillance and Poor Security Practices
Saturday, April 28th, 2007Today I read with interest an article in the U.K.’s Guardian Unlimited, “Surveillance ‘intrudes on our lives‘.”
I am doing some research into various surveillance methods, such as with CCTV, key loggers, and other methods of surreptitiously recording the activities of individuals, typically without their consent, and often without their knowledge.
