Scanning the news this morning, this CNN headline caught my eye, “Mouse click could plunge city into darkness, experts say”
The first sentence is compelling:
Posts Tagged ‘awareness and training’
DHS Exploding Generator Shows Dire Need For Better Computer Security
Thursday, September 27th, 200718 Common Security and Privacy Work Area Vulnerabilities
Wednesday, September 26th, 2007In 1990 when I was an internal auditor I was tasked with determining the overall information security posture of my company. One of the things that I decided would be a good thing to do was to go to the offices Saturday and Sunday evening when there would be the fewest personnel around. I wanted to look at their work areas to see what type of information security risks I could find that were a result of the work habits of the personnel.
Canadian Privacy Commissioners Release TJX Investigation Report
Tuesday, September 25th, 2007Yesterday the Office of the Privacy Commissioner of Canada and the Office of the Information and Prrivacy Commissioner of Alberta released their “Report of an Investigation into the Security, Collection and Retention of Personal Information” concerning the TJX breach. The investigation was performed to determine if, and if so to what extent, the incident was a violation of Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) and/or the Personal Information Protection Act (PIPA).
Security and Privacy Pros Believe…Yes! Privacy Still Does…Or At Least Can…Still Exist!
Monday, September 24th, 2007Last Friday I had the pleasure of discussing the question of, “Do We Have Privacy Anymore” with a group of highly regarded information security and privacy pros, including:
Use COSO for SOX and Other Compliance Activities
Sunday, September 23rd, 2007On September 17 the COSO “Guidance on Monitoring Internal Control Systems” discussion document was released, with public comment on the paper being accepted until October 31.
A Military Grade Encrypting Self-Destructing USB Drive Makes A Great Gift!
Saturday, September 22nd, 2007This morning I was doing some of my Christmas gift shopping…yes, I like to get mine done early! 🙂 Any way, I’m thinking about getting an Ironkey encrypted USB drive for some of my relatives who are in dire need of protecting their information better.
ISO/IEC 17799:2005 By Another Name Is Still The Same
Friday, September 21st, 2007I’ve been doing some compliance gap analysis work comparing the policies of one of my clients with ISO/IEC 17799:2005. It was renamed in July of this year to ISO/IEC 27002:2005. So, along with the name change, did the content also change? Having the 2005 tacked on the end of the new name would seem to possibly indicate not. Hmm…
Trends In Allowing MP3 Downloads to Corporate Networks
Thursday, September 20th, 2007I love my iPod and my iTunes. I have always liked to pick and choose the tunes I wanted to hear and not have to listen to the entire album/CD if there were some songs that I didn’t care for. Plus, I like to listen to a variety of singers, all mixed together. I’ve created dozens of playlists for various events and activites I do. I have an eclectic taste in music which I am broadening all the time while listening to what I think is one of the top radio stations in the entire country, located right here in the Des Moines, Iowa area. Add to this the many great podcasts that continue to be churned out, and you can imagine how many weeks of total play time are stored on my computer within my MP3s.
Deloitte Survey Shows the Need for Effective Training
Wednesday, September 19th, 2007Deloitte Touche Tohmatsu just released their “2007 Global Security Survey” report.
New FTC Report Provides Organizations Good Guidance For Protecting PII
Tuesday, September 18th, 2007Today the U.S. Federal Trade Commission (FTC) released a report, “Combating Identity Theft: Implementing a Coordinated Plan.”
