If I’ve said it once, I’ve said it a million times, but I’ll say it again…
Providing general information security and privacy training to all personnel is good, and should be done! However, you ALSO need to provide targeted training, and ongoing awareness communications, to different groups throughout your organization based upon their job responsibilities that involve information assets and personally identifiable information (PII).
Archive for the ‘Training & awareness’ Category
Are You Providing Targeted Training For IT Personnel?
Tuesday, July 22nd, 2008“Cyber Security in the Three Times: Past, Present, & Future”
Monday, July 21st, 2008Here is a very interesting-looking online seminar…FREE…looks worth checking out…
Organizations of All Sizes Need IT Security & Privacy Training
Thursday, July 17th, 2008Many organizations create broadly scoped information security training for all their personnel to take, but too few create targeted training for groups that need to have specialized knowledge for certain topics. Different departments within an organization handle different types of information, and have different types of contact with business partners, customers and other employees. So doesn’t it make sense that the payroll folks would need training specific for their job responsibilities, and sales folks would need training specific to their responsibilities that are are very different from the payroll folks, and so on? Also, legal requirements those in various industries need specialized training. For example, those in the healthcare space in the U.S. need HIPAA training.
According to the U.S. Census Bureau, small businesses employ more than half of all Americans. Very few small and medium sized businesses (SMBs) have specialized IT staff; most of the owners or personnel take on the day-to-day IT tasks themselves, operating on a wing and a prayer that nothing will go wrong. These huge numbers of folks within SMBs are also taking care of the IT security and privacy activities…hopefully.
Organizations of All Sizes Need IT Security & Privacy Training
Thursday, July 17th, 2008Many organizations create broadly scoped information security training for all their personnel to take, but too few create targeted training for groups that need to have specialized knowledge for certain topics. Different departments within an organization handle different types of information, and have different types of contact with business partners, customers and other employees. So doesn’t it make sense that the payroll folks would need training specific for their job responsibilities, and sales folks would need training specific to their responsibilities that are are very different from the payroll folks, and so on?
According to the U.S. Census Bureau, small businesses employ more than half of all Americans. Very few small and medium sized businesses (SMBs) have specialized IT staff; most of the owners or personnel take on the day-to-day IT tasks themselves, operating on a wing and a prayer that nothing will go wrong. These huge numbers of folks within SMBs are also taking care of the IT security and privacy activities…hopefully.
Get Involved With The 4th Annual Global Security Week!
Wednesday, July 16th, 2008For the past couple of years I’ve been involved with a fantastic group of people who have put their passion, time and resources into helping raise awareness of security issues throughout the world. Dr. Gary Hinson and Brian Honan in particular have invested literally hundreds (perhaps thousands?) of hours into Global Security Week throughout the past four years.
Get Involved With The 4th Annual Global Security Week!
Wednesday, July 16th, 2008For the past couple of years I’ve been involved with a fantastic group of people who have put their passion, time and resources into helping raise awareness of security issues throughout the world. Dr. Gary Hinson and Brian Honan in particular have invested literally hundreds (perhaps thousands?) of hours into Global Security Week throughout the past four years.
Get Involved With The 4th Annual Global Security Week!
Wednesday, July 16th, 2008For the past couple of years I’ve been involved with a fantastic group of people who have put their passion, time and resources into helping raise awareness of security issues throughout the world. Dr. Gary Hinson and Brian Honan in particular have invested literally hundreds (perhaps thousands?) of hours into Global Security Week throughout the past four years.
Information Security and Privacy Education Lesson Fines And Court Penalty Judgments
Tuesday, July 8th, 2008My July issue of “IT Compliance in Realtime” has been published!
This month I continue to focus on the importance of information security and privacy training and awareness to not only improve security and privacy preservation, but also to meet a very wide range of compliance requirements. The first article in this month’s Journal is, “Information Security and Privacy Education Support Compliance.” Download the PDF of the full Journal issue for the formatted, best-looking version.
Here are the first couple of sections from that article…
Where And How Do You Dispose Of Your Cell Phones and Paper Documents?
Monday, June 30th, 2008Something I’m planning to do this summer with my sons is to do some dumpster diving, with the advice of my police and security services company owner friends, to see just how much personal information is left out for just anyone walking by to pick up and use, or misuse. We’ll also see about any cell phones that were just dropped in the dumpster or trash can…
How do you dispose of your cell phones? At work, and at home? And what do you do with the papers that contain personally identifiable information (PII) and other sensitive information when you throw them away? Are you more diligent at work? Or at home?
With this in mind, here’s another section from the third article in my June issue of “IT Compliance in Realtime“…
Disposal of Computers
Thursday, June 26th, 2008Time to post some of the info from the 3rd of the articles from my June issue of “IT Compliance in Realtime Journal” before the month is over!
The 3rd article is “What to Tell Personnel: Disposal Security and Privacy.”
Here is a section from the article…
