So many times I’ve heard business leaders complain that the data protection requirements within the multiple laws and regulations only hurt business; that they are not necessary and have no true impact on really protecting data…they are just bureaucratic hoops forced upon businesses to placate the politicians’ constituents by lawmakers who know nothing about the nuts and bolts of implementing information security…and that the cost of compliance only hurts the business’ bottom line.
Hmm…
Posts Tagged ‘awareness and training’
Confusing Folks: PHR, PHI, PII, NPPI, and Dozens of Other Acronyms…It’s Still All Personal Information
Wednesday, July 25th, 2007
I really enjoy reading survey results. I can’t help myself. Whether the surveys are well-done, sloppy, long, short, statistically accurate or obviously statistically invalid, I still find them interesting. Especially when they cover what the general public and the non-IT/non-infosec person think or know about information security and privacy, or some industry-specific issue.
Privacy Initiatives Sincere Or Marketing Ploy?
Tuesday, July 24th, 2007
Reminder: Your “Privacy in the 21st Century” Submissions Need to Be in by July 27th…This Friday!
Tuesday, July 24th, 2007
Last week I posted about this year’s Global Security Week.
PCI DSS and Identity Theft
Monday, July 23rd, 2007
Over the past month or so I’ve been discussing the Payment Card Industry (PCI) Data Security Standards (DSS) with some of my information assurance practitioner friends and colleagues and what they’ve been doing to meet the requirements and accompanying challenges. I was thinking about some of the issues over the weekend.
Insider Threat Example: Payroll Employee Threatens To Illegally Use Other Employees’ PII If Not Given a Good Review
Sunday, July 22nd, 2007
Here’s another example of the insider threat similar to situations that I’ve heard of happening many times throughout the years through conversations with folks at conferences and other professional meetings.
Did You Know This About U.S. Bank Check Processing Compliance?
Friday, July 20th, 2007
I’m thankful to be able to have my own company of one to do what I enjoy so much with information security, privacy and compliance. I am also an active part of managing the farm business for my family. With these two businesses comes A LOT of paperwork, along with checks that must regularly be sent in to various government agencies.
Privacy in the 21st Century: Show Your Creativity for Global Security Week!
Thursday, July 19th, 2007
Global Security Week (GSW) is September 3rd through 9th.
The topic this year is “Privacy in the 21st Century.”
Norman Borlaug: A Great Role Model for the Power of One
Thursday, July 19th, 2007
I have heard many information assurance (IA) professionals, when they are feeling frustrated, angry, or whatever other negative feelings we all have at one time or another, say what they are doing is not making a difference, or say they feel they are looked down upon by others in their organization as a “necessary evil.” They often feel that one person cannot make a difference.