Articles on Information Security

The types of new technologies that employees are using within work environments and for business activities are going to continue to grow exponentially. Their personal data is getting more mixed in with the business data on those devices. How can organizations get ready for these increasingly high-tech employees? How can they keep the business data separate from the personal data? Can they even do this anymore?

Are employees leaving themselves, your company and your customers vulnerable to a data breach when they travel? The answer is something we all need to examine – and re-examine – regularly.

In this two-part article, I discuss the three types of insider threats, and what your organization can and cannot do to fight those who have betrayed your organization's trust.

During a recession, effective change management is even more important to stop "new criminals"

The insider threat is not decreasing. This paper discusses the need to ensure those people you put into positions of trust can indeed be trusted.

Are personnel in your organization not complying with the information security program? This article contains advice on how to motivate them to comply.

Inspired by teaching my boys, this article explains, without mathematics, the differences between risks, threats, and vulnerabilities.

In this article I discuss the importance of inspecting work areas after-hours, to identify security vulnerabilities. I include 18 of the most common vulnerabilities.

This presentation shows why business leaders should be concerned about handheld device security issues. To help organizations address such issues, I provide sample polices and discovery tasks.