During the past few years it has become more common to have phone records, purchase records, and other logged activities datamined and reviewed by various organizations, government agencies and law enforcement groups. One highly publicized example was when AT&T provided access to their customers’ phone records and Internet communications to the U.S. National Security Agency (NSA).
Posts Tagged ‘risk management’
Privacy: Are You Sure You *REALLY* Have Nothing To Hide?
Thursday, July 12th, 2007Carnegie Mellon’s Data Privacy Head Urges Development of New Privacy Technologies
Wednesday, July 11th, 2007I enjoy reading Scientific American Magazine. And I especially am interested in reading their articles that touch upon, or directly address, information security, privacy or compliance. It is always nice to see the views of practitioners, educators, researchers and others who are not on the typical information security circuit of publications.
Trademarks, Virtual Reality Sites, and Creating a Very Aware Next Generation of Information Assurance Leaders
Tuesday, July 3rd, 2007I’ve been working in my home office for around 7 1/2 years, being able to do most of my project work from home, which I’m thankful for. During that time my now 10-year-old and 7-year-old (he’ll remind you he turns 8 next month) sons have been around me quite a bit as I do my work. So I discuss a lot of what I do with them, they ask a lot of questions, and they soak a whole lot more into their brains than I realize. Especially over summer when they are at home with me virtually all day every day.
5 Security Lessons from Non-Compliance with UK Data Protection Law
Monday, July 2nd, 2007I speak with many organizations who have customers throughout the world, often via their ecommerce websites, and an alarmingly large number of these organizations are completely unaware of the data protection laws they must follow in the countries where their customers are from. When the privacy commissioners from these other countries discover the organizations not following the laws, the organizations can have substantial financial impact on their businesses from not only fines, but typically more significantly from bad press, and orders to discontinue business within the country until they have their business activities, policies and processes in compliance with the requirements.
Surveillance and Managing Information With So Many Ways To Capture It
Wednesday, June 27th, 2007Over the weekend a news story appeared in Australia that I’m sure is occurring in MANY other organizations, far beyond just schools; “Teachers being secretly filmed by students”
“Over 1 Million Computer Victims” Can Lead To Some Interesting, Awareness-Raising, Discussions
Tuesday, June 26th, 2007Here’s a great conversation starter for a nice chat with your business leaders, “The FBI has found over 1 million computers are controlled by criminal botnets.”
Be prepared to answer some follow-up questions from your business leaders after telling them this, such as…
First Person Convicted Under CAN-SPAM Is Sentenced to 70 Months in Federal Prison and Must Pay Over $1 Million
Tuesday, June 26th, 2007On June 11, Jeffrey B. Goodin was ordered to pay $1,002,885.58 to the victims of his phishing scheme.
Norwich University Residency Week & Thoughts On the Court Ruling on Email Searches
Thursday, June 21st, 2007I’m a professor for the Norwich University MSIA program, and since Sunday I’ve been here in Vermont for their residency week, culminating in graduation on Friday. It has been a great week! It kicked off with a wonderfully thought-provoking discussion led by Karen Worstell, former CISO for Microsoft, as well as former CEO at AtomicTangerine, and many other high-profile positions.
