Privacy in the 21st Century is Captured Well in This Year’s GSW Logo Competition Winner

August 5th, 2007

Global Security Week (GSW) is September 3 – 7 this year, and the topic is Privacy in the 21st Century.
All the GSW logo entries were nice, but I think the winner of the GSW logo competition, Emily Hoelscher, captures the essence of privacy quite well. I really like how Emily incorporated both physical and data issues into her design.

The Many Languages of Security and Privacy

August 3rd, 2007

I’ve done a lot of information security and privacy awareness and training work since 1990. I continue to do a lot; not only because of the *REAL* importance it has to the success of security and privacy efforts, but also because it is something I love doing.

Privacy Poll Closing *SUNDAY*…Please Click a Button!

August 2nd, 2007

Thanks to those of you who have taken the privacy poll on the right-hand side of this page! If you haven’t yet…please, pretty please, do! I had planned for this to close on Friday, but now it will close on Sunday. I’ll post a new poll weekly to run from Monday through Sunday, and each week afterwards.

Insider Threat: Contractor Sabotages Space Shuttle Endeavour

August 1st, 2007

It feels like I’ve been writing a lot about the insider threat lately, but then again, it seems I read about a new incident caused by insiders almost daily. So much time, effort and money is spent on keeping the outsiders from getting to systems and data, but comparatively little is spent on addressing insiders and trying to prevent them from doing bad things. Folks who are trusted and have authorized access can do so much harm. The technologies focusing on the outsiders are not going to do much to protect your information from insiders.

Insider Threat and Cowboys: The Wall Street Journal Tells Your Personnel How To Get Around Your Security

July 31st, 2007

Oh, boy, reading this Wall Street Journal story, “Ten Things Your IT Department Won’t Tell You,” brought back some memories of personnel who went to great lengths to get around security requirements!

International PII Data Transfers: New Requirements from Spain

July 30th, 2007

In this global economy it is important for you to know, understand and follow the data protection laws in all the countries where you have offices, have customers, store personally identifiable information (PII) and from where PII is accessed. Each country has nuances within its laws that could create quite a big obstacle if you are doing business there and find you must suddenly stop because you are out of compliance with its data protection laws.

Do You Think Privacy Is Really Dead?

July 28th, 2007

I occasionally post to the Cutter Consortium blog, and the recent topics there have involved privacy.

Retail Locations Have Unique Challenges With PCI DSS Compliance

July 27th, 2007

I’ve been intrigued lately with PCI DSS compliance. It has all retailers on edge, has multiple vendors drooling, and has spawned new laws and bills, such as in Minnesota and Texas. I’ve had interesting discussions about it with those who process credit card payments, and I’ve been doing some research into the various issues.

Compliance and Information Security: Common Sense Confirmed

July 26th, 2007

So many times I’ve heard business leaders complain that the data protection requirements within the multiple laws and regulations only hurt business; that they are not necessary and have no true impact on really protecting data…they are just bureaucratic hoops forced upon businesses to placate the politicians’ constituents by lawmakers who know nothing about the nuts and bolts of implementing information security…and that the cost of compliance only hurts the business’ bottom line.
Hmm…

Confusing Folks: PHR, PHI, PII, NPPI, and Dozens of Other Acronyms…It’s Still All Personal Information

July 25th, 2007

I really enjoy reading survey results. I can’t help myself. Whether the surveys are well-done, sloppy, long, short, statistically accurate or obviously statistically invalid, I still find them interesting. Especially when they cover what the general public and non-IT/non-infosec people think or know about information security and privacy, or some industry-specific issue.
