Posts Tagged ‘IT compliance’

Obtaining Support and Funding from Senior Management

Thursday, September 18th, 2008

Throughout the late spring and summer months I had the great opportunity to participate in an talented workgroup sponsored and led by the European Network and Information Security Agency (ENISA) to create a new, and quite valuable, resource for information security practitioners to help them obtain funding and sponsorship for the training and awareness programs.

(more…)

How to Use Privacy as a Business Differentiator & To Maintain Trust

Tuesday, September 16th, 2008

A recent news report from New Zealand, “Safety of personal info worries Kiwis” highlighted how business safeguards and privacy practices impact customer trust, and subsequently retention.
A recent New Zealand Privacy Commissioner survey found, among other things:

(more…)

A $1 Billion Access Control Mistake

Monday, September 15th, 2008

It has been widely reported and blogged about how an old United Airlines story was posted with huge stock value loss…

(more…)

Miscellaneous Cybercrime & Privacy Tidbits

Friday, September 12th, 2008

For the last day of Global Security Week (GSW) I’m providing a few items that relate to cybercrime that I find interesting…

(more…)

GSW Logo

Wednesday, September 10th, 2008

I really like the logo for this year’s GSW, and I wanted to include it here for those of you who had not see it…

(more…)

Sloppy Disposal Aids Cybercriminals

Wednesday, September 10th, 2008

For day 3 of Global Security Week I want to talk a little bit about the importance of securely disposing of your papers and storage media that contains personal information…

(more…)

Not Enough Police To Deal With Cybercrime

Monday, September 8th, 2008

Here’s an interesting article about cybercrime to kick off Day 1 of Global Security Week…

(more…)

How Does Your Business Use Customer and Consumer Profiling?

Friday, September 5th, 2008

So, do you know how your business may be using data mining for customer and consumer profiling? Have you talked with your marketing folks about it?
Do you know how the stores you make your purchases from use your information to do customer profiling and other types of data mining? Have you asked them? Chances are the sales staff at the counters and check-outs wouldn’t know, but you could ask the store manager.

(more…)

Not All Privacy Issues Involve PII

Thursday, September 4th, 2008

There’s been a lot in the news over the past few years about customer profiling. The term is used somewhat differently by different groups and the definition often debated. However, the mainstream news media generally uses the term to talk about how companies gather many different types of information related to consumers, and then use that information to make determinations about groups of people in various demographics, and even be able to narrow down certain activities to specific individuals when enough data, and it does not need to be personally identifiable information (PII), is collected.

(more…)

Iowa Land Records Association Posts SSNs…Including The Governor’s…On Their Internet Site

Wednesday, September 3rd, 2008

Okay, here’s another example of a ridiculously dumb privacy breach that occurred, in Iowa this time, through a government agency posting information on the Internet…

(more…)