Awareness activities are an important and necessary component of an effective, layered, information assurance program. Too little time is spent on communicating information security and privacy requirements, threats, vulnerabilities, and other related issues within most organizations. Providing regular traning and ongoing awareness activities to all personnel, along with customized training to targeted groups with unique information security responsibilities, such as call centers, sales and marketing folks, and applications and systems developers, as is also very important.
Posts Tagged ‘risk management’
How Long Has It Been Since You’ve Done An Awareness Activity? Privacy and Security Week Starts April 8
Monday, April 2nd, 2007What Businesses Need to Know About Reputation-Based Messaging Technology
Sunday, April 1st, 2007I first started hearing about reputation-based technologies used in conjunction with filtering messages a couple of years ago. What a great idea! It does make sense to analyze the characteristics of a message to help determine whether or not it is legitimate, spam, contains malware, or is likely to be some other type of message you do not want getting onto your corporate network, doesn’t it? Trying to determine the “reputation” of the message seems to be a good additional check. Banks and credit card companies have been doing similar types of activities for decades, looking at the reputation of their loan and card applicants, when generating credit scores. It seems as though this type of analysis, while not fool-proof, could also have the potential to greatly assist with keeping unwanted messages from clogging the enterprise networks and mailservers.
What Were They Thinking!? U.S. Marshals Put The PII of Thousands of People on a D.C. Street For Anyone To Take
Saturday, March 31st, 2007I read a lot of articles about incidents; it is hard to keep up with them all! However, one I ran across on the WUSA 9News Now site in Washington D.C. grabbed my attention.
U.S. Dept of Homeland Security Creates National Computer Forensic Institute
Monday, March 26th, 2007On March 9 the U.S. Department of Homeland Security (DHS) announced the creation of a National Computer Forensic Institute.
U.S. Dept of Homeland Security Creates National Computer Forensic Institute
Monday, March 26th, 2007On March 9 the U.S. Department of Homeland Security (DHS) announced the creation of a National Computer Forensic Institute.
Don’t Be A Security Slacker
Sunday, March 25th, 2007Today I woke up to a beautiful, gorgeous spring morning…sunny, low 60’s (abnormally high for March), gentle breeze, the grass seemed to have gotten green over night, the birds are singing, the geese and ducks have come back after being gone for the winter and are swimming on our pond, a cute little chipmunk is eating from the birdseed and nuts I scattered on the patio outside my office door, what a great day! And then, after a nice walk outside, I come back inside, first to do some chores along with my family; my sons doing their assigned cleaning.
Raise Awareness by Sharing Your Knowledge And Experience
Saturday, March 24th, 2007You help to improve information assurance efforts and assist other information assurance practitioners by sharing your expertise, experiences, and suggestions. Consider writing an article for publication not only to help others, but also to help you hone your writing skills, validate your expertise to your business leaders by showing them your published work, and provide an avenue for meeting other professionals who reach out to ask you questions about your article.
Norwich University Fifth Annual Information Assurance Student Symposium: March 27
Friday, March 23rd, 2007I am very honored to be an adjunct professor for the Norwich Master of Science in Information Assurance (MSIA) program.
In this role I’m also fortunate to be able to work with Dr. Mich Kabay, who is the MSIA Program Director.
Addressing Image Spam
Thursday, March 22nd, 2007Have you noticed an increasingly large number of email messages coming into your inbox that have the text information imbedded within graphic images? I have, and they really bug me. I know they irritate many of my information assurance professional colleagues as well. Some of these spam messages are very creative. All clutter my already overflowing email. They waste precious storage, and also clog bandwidth on enterprise networks. This is image spam.
