Posts Tagged ‘security training’

Web 2.0 Security, Privacy & Policies

Friday, October 24th, 2008

Since 2000 I’ve been writing a monthly column for the Computer Security Institute (CSI) Alert publication…

(more…)

FTC Postpones Active Red Flags Rule Enforcement To May 1, 2009

Thursday, October 23rd, 2008

I was surprised to read this yesterday…

(more…)

DHS Secretary Chertoff Calls For Better Computer Security

Wednesday, October 22nd, 2008

It is good to start seeing more urgency place upon information security by the various government agencies.
As an example, last week U.S. Homeland Security Secretary Michael Chertoff spoke at the U.S. Chamber of Commerce emphasized the need for increased cooperation between industry and government to secure the nation’s computer systems.
Here’s an excerpt from one of the news reports about the speech…

(more…)

Reading Online Privacies Could Cost $365 Billion Annually? Doubt It!

Tuesday, October 21st, 2008

My friend Alec (thanks Alec!) pointed me this interesting story…

(more…)

$243 Million Judgment In Iowa For Violations Of Spam Law

Sunday, October 19th, 2008

Here’s something interesting I just ran across…

(more…)

Federal Reserve Releases Examination Procedures For Red Flags Rule Compliance

Friday, October 17th, 2008

If you must comply with the Red Flags Rule, which is a rule that falls under the umbrella of the Fair and Accurate Credit Transactions Act (FACTA), which most organizations in the U.S. who process payments from their customers must comply with, for which compliance is required by November 1 of this year, then you should review the recently released guidance documents that will be used by the government oversight examiners…

(more…)

Two Great Sites About Privacy Breaches and Privacy Studies

Thursday, October 16th, 2008

A friend (thanks Terry!) just pointed me to a couple of really great sites that Nymity provides without needing to register, and they have no ads or marketing…

(more…)

Insider Threat Example: Obama’s Campaign Folks Make Email Mistake

Wednesday, October 15th, 2008

No matter how much technology you throw at trying to prevent security incidents, the weakest link in the organization, your personnel (who could be your strongest link with effective training and ongoing awareness) can defeat that security technology.
On purpose, because of lack of knowledge, or by making a plain ol’ mistake.
And EVERYONE makes mistakes. Fewer if they are more diligently aware though.

(more…)

Commerce Department Issues New Rule For Encryption Exports

Tuesday, October 14th, 2008

Remember all the talk in the 1990’s that surrounded the legalities, and largely restrictions, surrounding how encryption could be used for data sent outside the U.S.? Or how encryption tools and algorithms could be exported? It’s been a significantly more silent issue during this new century.

(more…)

Identity Theft Enforcement and Restitution Act of 2008

Sunday, October 12th, 2008

I just read about a new law signed at the end of September, 2008, by U.S. President Bush, H.R. 5983; the “Identity Theft Enforcement and Restitution Act of 2008” which is under Title II.

(more…)