A portrait of Rebecca Herold

Rebecca Herold & Associates, LLC

Your trusted source for effective information security,
privacy and compliance tools, education and consulting.
The Privacy Professor

Articles on Information Security

NCSAM: Six Tips to Help Keep your Business Secure

The types of new technologies that employees are using within work environments and for business activities are going to continue to grow exponentially. Their personal data is getting more mixed in with the business data on those devices. How can organizations get ready for these increasingly high-tech employees? How can they keep the business data separate from the personal data? Can they even do this anymore?

Data Privacy Toolbox for Business Travelers

Are employees leaving themselves, your company and your customers vulnerable to a data breach when they travel? The answer is something we all need to examine – and re-examine – regularly.

Insider Threat (Part 1)
Insider Thread (Part 2)

In this two-part article, I discuss the three types of insider threats, and what your organization can and cannot do to fight those who have betrayed your organization's trust.

Recessions Calls for Better Change Management

During a recession, effective change management is even more important to stop "new criminals"

Leap of Faith

The insider threat is not decreasing. This paper discusses the need to ensure those people you put into positions of trust can indeed be trusted.

Compliance Motivation Info: The Security Diet

Are personnel in your organization not complying with the information security program? This article contains advice on how to motivate them to comply.

Risks, Threats & Vulnerabilities: Snowball Lessons

Inspired by teaching my boys, this article explains, without mathematics, the differences between risks, threats, and vulnerabilities.

After-Hours Walkthroughs

In this article I discuss the importance of inspecting work areas after-hours, to identify security vulnerabilities. I include 18 of the most common vulnerabilities.

Handheld Device Security

This presentation shows why business leaders should be concerned about handheld device security issues. To help organizations address such issues, I provide sample polices and discovery tasks.