Posts Tagged ‘NSA’
Wednesday, December 10th, 2014
This year Admiral Mike Rogers, the current Commander, U.S. Cyber Command and Director, National Security Agency/Chief, Central Security Service, gave the luncheon keynote address at the U.S. Chamber of Commerce’s Third Annual Cybersecurity Summit, “Sharing Cyber Threat Information to Protect Business and America.” You can find it at: (more…)
Tags:Admiral Rogers, Dell, Information Security, information security risks, infosec, NSA, personal information, policies, privacy, privacy information, privacy professor, privacy risks, privacyprof, procedures, Rebecca Herold, risks, sensitive information, sensitive personal data, training
Posted in privacy | No Comments »
Wednesday, February 26th, 2014
Do you think the NSA is the biggest threat to your privacy? Certainly they are collecting a significant amount of personal data. And from the looks of it, with their new facility that may hold up to 12 exabytes (that’s 12,000,000,000,000,000,000 bytes) of data, they appear to be planning to continue collecting, and keeping, more data. This is an important topic, and I’ll look at in more depth in an upcoming blog post. But for now, you need to know and understand that there are many other entities that are collecting data from you and your mobile apps in the same way as NSA is slurping it up, along with several other ways. (more…)
Tags:awareness, compliance, cybercrooks, cybersecurity, data protection, encrypt, encryption, IBM, Information Security, infosec, midmarket, Mobile apps, mobile device, non-compliance, NSA, personal information, personal information identifier, personal information item, PI, PII, policies, privacy, privacy laws, privacy professor, privacyprof, Rebecca Herold, risk assessment, risk management, security, surveillance, training, wearable device, wireless
Posted in Information Security, mobile computing, privacy | No Comments »
Tuesday, October 1st, 2013
“Sometimes I feel like…somebody’s watching me! And I have no privacy!”
(The Rockwell hit from…quite appropriately…1984.)
Each day, we are tracked by the ‘smart’ systems, mobile apps, personal communication devices and other surveillance platforms that have become commonplace in our daily lives. In an effort to educate more people, and businesses, about the data trails they are leaving behind (and the companies, data bureaus and marketers who are sniffing out that trail), I created this new infographic (more…)
Tags:awareness, big data, breach, compliance, data protection, encrypt, encryption, IBM, Information Security, information technology, infosec, Internet of Things, IT security, midmarket, monitoring, NIST, non-compliance, NSA, personal information identifier, personal information item, PHI, PII, policies, privacy, privacy breach, privacy laws, privacy professor, privacyprof, Rebecca Herold, risk assessment, risk management, security, social network, surveillance, systems security, training
Posted in Miscellaneous, privacy | No Comments »
Thursday, September 26th, 2013
I’ve received numerous questions from various news outlets, clients and colleagues since the published revelation that the NSA was getting the assistance of encryption vendors to decrypt messages throughout a very wide range of activities. A lot of folks are now throwing their hands in the air, claiming that encryption is now no longer effective, and planning to use something completely different. Hmm…wait! Don’t throw out the encryption baby with the unsafe practices bathwater yet. Encryption is still an effective, and necessary, information security control to use. The following are (more…)
Tags:awareness, BA, BAA, breach, business associate, CE, compliance, covered entity, data protection, encrypt, encryption, HIPAA, HITECH, IBM, Information Security, information technology, infosec, IT security, midmarket, monitoring, NIST, non-compliance, NSA, Omnibus, personal information identifier, personal information item, PHI, PII, policies, privacy, privacy breach, privacy laws, privacy professor, privacyprof, Rebecca Herold, risk assessment, risk management, RSA, security, social network, surveillance, systems security, training
Posted in government, Information Security | No Comments »
Thursday, September 6th, 2007
There was some very interesting news in the Kansas City Star today; “Judge strikes down part of Patriot Act”
(more…)
Tags:awareness and training, corporate governance, DoJ, government, Information Security, IT compliance, National Security Letters, NSA, Patriot Act, personal data protection, privacy, surveillance, USA PATRIOT Act
Posted in government, Laws & Regulations | No Comments »
Thursday, September 6th, 2007
There was some very interesting news in the Kansas City Star today; “Judge strikes down part of Patriot Act”
(more…)
Tags:awareness and training, corporate governance, DoJ, government, Information Security, IT compliance, National Security Letters, NSA, Patriot Act, personal data protection, privacy, surveillance, USA PATRIOT Act
Posted in government, Laws & Regulations | No Comments »
Thursday, July 12th, 2007
During the past few years it has become more common to have phone records, purchase records, and other logged activities datamined and reviewed by various organizations, government agencies and law enforcement groups. One highly publicized example was when AT&T provided access to their customers’ phone records and Internet communications to the U.S. National Security Agency (NSA).
(more…)
Tags:awareness and training, Daniel J. Solove, identity management, Information Security, IT compliance, Nothing to Hide, NSA, policies and procedures, privacy, risk management
Posted in Privacy and Compliance | No Comments »
Tuesday, March 27th, 2007
Today U.S. FBI Director Robert Mueller appeared before the Senate Judiciary Committee and testified that there are no problems with the USA PATRIOT Act, but that the FBI did not implement the Act appropriately.
(more…)
Tags:awareness and training, corporate governance, FBI, government, Information Security, IT compliance, National Security Letters, NSA, Patriot Act, personal data protection, privacy, surveillance, USA PATRIOT Act
Posted in government, Laws & Regulations, Privacy and Compliance | 2 Comments »
Friday, March 9th, 2007
CNN reported today that a U.S. Department of Justice (DoJ) audit finds the FBI is has not kept good track of how many times they have ordered businesses monitoring of emails, telephone records and financial information. The report has not yet been posted to the DoJ site but is supposed to be released sometime today.
According to the CNN report:
(more…)
Tags:awareness and training, corporate governance, DoJ, email, government, Information Security, IT compliance, National Security Letters, NSA, Patriot Act, personal data protection, phone calls, privacy, surveillance, USA PATRIOT Act
Posted in government, Information Security, Laws & Regulations, Privacy and Compliance | 2 Comments »
