February 5th, 2008
January 18: The Importance of Verifying Third Party Security Programs
Learning event at the Grand Rapids, Michigan ISSA chapter meeting
Web Site: http://www.gr-issa.org/
February 21: Anatomy of a Privacy Breach
Learning event at the University of California, Berkeley
Web Site: http://www.truststc.org/seminar.htm
March 18: Anatomy of a Privacy Breach
Learning event at the Iowa ISACA chapter meeting
April 27: The 30 Second Security Pitch
Learning event at the CSI SX conference
Web Site: http://www.csisx.com/conference/view-by-day.php
April 30 & May 1: Executive Summit: Security and Privacy Collaboration
2-day learning workshop at the CSI SX conference
Web Site: http://www.csisx.com/conference/workshops.php
July 23 & 24: Executive Summit: Security and Privacy Collaboration
2-day learning workshop hosted by the Charlotte, North Carolina ISACA chapter.
(NO WEBSITE)
Posted in Training & awareness | No Comments »
February 5th, 2008
It seems all business leaders would understand by now, after literally thousands of privacy incidents in recent years, that they need to encrypt personally identifiable information (PII) stored on mobile computers and mobile storage devices, and when sending PII through networks.
Even the bad guys understand this.
Tags: awareness and training, encryption, Information Security, IT compliance, personally identifiable information, PII, policies and procedures, privacy, privacy policy, risk management, security awareness, security training, surveillance, terrorist
Posted in Information Security | No Comments »
February 4th, 2008
Here’s something scary…
I just saw a new CNN report that made me go, “Huh?!”
“FBI wants palm prints, eye scans, tattoo mapping”
Tags: awareness and training, biometrics, CNN, FBI, George Bush, Information Security, IT compliance, policies and procedures, privacy, privacy policy, risk management, security awareness, security training, surveillance, wired
Posted in Privacy and Compliance | 3 Comments »
February 4th, 2008
For the past few years the Ponemon Institute has done surveys to determine the U.S. companies most trusted to protect privacy.
Tags: awareness and training, Information Security, IT compliance, policies and procedures, Ponemon Institute, privacy, Privacy Award, privacy policy, risk management, security awareness, security training
Posted in Privacy and Compliance | No Comments »
February 1st, 2008
Today I got a death threat email message. This particular type of spam is not really new, but because these messages will be very scary for most people to get, many recipients will fall for them.
The address header and text of the message reads:
Tags: awareness and training, death threat, FBI, Information Security, Infragard, IT compliance, policies and procedures, privacy, privacy policy, risk management, security awareness, security training, spam
Posted in Information Security | No Comments »
February 1st, 2008
Another country appears to be on the verge of passing a privacy breach notice law…
Tags: Australia, awareness and training, breach notice law, Information Security, IT compliance, Karen Curtis, policies and procedures, privacy, privacy law, privacy policy, risk management, security awareness, security training
Posted in Laws & Regulations | No Comments »
January 31st, 2008
When I started blogging a couple of years ago (actually in January 2006…just realized I passed my anniversary!), I would not only post daily to my blog, but I would also publish 3 – 4 research papers or white papers to this site each month. Last year I stopped doing that and spent more time providing more analysis and opinions within my daily blog postings.
Tags: awareness and training, Information Security, IT compliance, policies and procedures, privacy, privacy policy, risk management, security awareness, security training
Posted in Miscellaneous | 2 Comments »
January 31st, 2008
Today, “Internet failure hits two continents”
Were you impacted? If you were, then you probably aren’t reading this right now… 🙂
Tags: awareness and training, BCP, business continuity planning, CNN, disaster recovery, DRP, Information Security, IT compliance, policies and procedures, privacy, privacy policy, risk management, security awareness, security training
Posted in Information Security | No Comments »
January 30th, 2008
While scanning the news blurb summaries today, the statement, “This is a violation of HIPAA.” caught my eye. Hmm…let’s see what this is about…
This statement was actually within the reader comments to the story, “Blue Cross reports theft of computer.”
Tags: awareness and training, Blue Cross/Blue Shield, encryption, HIPAA, Information Security, IT compliance, patient privacy, PHI, PII, policies and procedures, privacy, privacy policy, protected health information, risk management, security awareness, security training, stolen laptop
Posted in Privacy Incidents | 3 Comments »