Oh; and, by the way, what the heck are virtual worlds? Aren’t they something that only kids use?
Posts Tagged ‘security awareness’
You aren’t in Kansas anymore, ToTo…you’re in virtual Kansas!
Thursday, April 9th, 2009
Measuring The Effectiveness of Information Security & Privacy Awareness & Training
Wednesday, April 8th, 2009
I’m a longtime advocate of creating a wide range of metrics to determine the effectiveness of the various components of information security, privacy and compliance programs.
Privacy Breach Lesson: Encrypt Mobile Digital PII!
Monday, April 6th, 2009
Once more, here is an example of how carelessness and/or a mistake leads to a privacy breach…
What Corporate Business Leaders Need To Know About Data Protection
Friday, April 3rd, 2009
The first chapter of my new ebook, “Understanding Data Protection from Four Critical Perspectives” has been published!
The first chapter is “What Corporate Business Leaders Need To Know About Data Protection” and is written to an audience of CEOs and other executive business leaders who may not have an IT or information security background. I wrote this chapter for information security and privacy practitioners and officers to be able to give to their executive business leaders to help them understand data protection and compliance better, in addition to helping to get them to sponsor data protection efforts.
Here’s the introduction to the chapter, which also provides an overview of the book:
Pros & Cons Of Surveillance Cameras For Compliance
Thursday, April 2nd, 2009
Ongoing Awareness Communications and Regular Training Are Necessary For Effective Information Security & Privacy Programs
Wednesday, April 1st, 2009
Scott Wright over at Streetwise Security Zone graciously invited me to do a podcast interview with him to discuss information security, privacy and compliance training and awareness issues. In the last half of February I had the pleasure of taking him up on his invitation!
You can hear the full podcast here.
Here are the notes Scott compiled about our discussion topics:
HIPAA Sanctions and Convictions Will Increase with HITECH Act & New Administration
Tuesday, March 31st, 2009
Upon reading and researching HIPAA and the impact of the HITECH Act upon it, basically broadening its applicability as well as adding new requirements for privacy breach notifications, I recently was compelled to write an article about what I foresee as the likelihood that, after a very frustratingly slow start (by several years!) of HIPAA enforcement, increasingly more HIPAA sanctions will be made in the coming months and years.
SearchCompliance printed my article in three parts in their Compliance Tips section…
Don’t let differing authority levels damage info sec, privacy & compliance collaboration
Thursday, March 26th, 2009
I first realized the need for information security and legal compliance areas to closely collaborate on converging issues in the mid-1990s while establishing the information security and privacy requirements for one of the first online banks. Over the past 5+ years I’ve been actively evangelizing through my 2-day classes, conference and meeting speeches, and many articles and other publications about the need for information security, privacy and legal compliance areas to collaborate, and pointing out the areas where these responsibilities converge.
Carnegie Mellon’s CyLab Is A Great Resource
Wednesday, March 25th, 2009
Many Motivators For Identity Theft
Tuesday, March 24th, 2009
I’ve heard far too many business leaders in lesser-regulated industries, of organizations of all sizes, say something to the effect of, “Oh, we don’t have any information that hackers would find of any value.”