
Ask the Expert

Have a question for our resident expert? Email your questions to Rebecca.

June 23, 2009

Movies and TV Shows to Use for Infosec and Privacy Training and Awareness

After many long hours, I've finally submitted the draft manuscript for the 2nd edition of my "Managing an Information Security and Privacy Awareness and Training Program" book. However, I will still have one more chance to make changes. One of the 23 appendices within my book provides lists of resources: books, web sites, activities, games and so on. One of my lists is for movies and television shows that can be used in training or for awareness activities...

 

June 15, 2009

Info Sec & Privacy Days/Weeks/Months

As I've mentioned a few times before, I'm in the final lap of finishing the 2nd edition of my book, "Managing an Information Security and Privacy Awareness and Training Program." Woo hoo!

Over the weekend I updated "Appendix N - Designated Security and Privacy-Related Days." Here are the days, weeks and months I've found are devoted to raising awareness about various info sec and privacy issues (this is in a much nicer-looking table format in my book)...

 

June 5, 2009

Great InfoSec and Privacy Info and Resources This Week On Twitter

I got my week's issue of Time magazine in the mail today, and lo-and-behold the cover and feature story was about Twitter!

 

June 4, 2009

Not Providing Training and Awareness Is The Dumbest Idea For Information Security

As time goes on, and more and more information security incidents and privacy breaches occur, I continue to hear otherwise smart people say silly and completely wrong statements about the need (or lack of) for information security and privacy training and awareness!

 

June 1, 2009

Common InfoSec & Privacy Training Mistakes

I've been reviewing some of the information security and privacy training and awareness content for some organizations; some large and some small. Most of the training is ineffective...

 

May 27, 2009

Insider Threat: Horrible Tragedy Highlights Need For Policies & Training

I got the June 1 issue of Newsweek today, and something that's bothered me ever since I first heard about it was on page 4...

 

May 21, 2009

HIPAA, HITECH Act and Disposal Problems

Here's yet another incident that provides very good lessons that could be incorporated into information security and privacy training sessions as a case study, particularly for HIPAA compliance as well as secure disposal training...

 

May 20, 2009

The World's Largest (and BEST!) Cyber Defense Competition for Teens...In Ames Iowa!

Last month Iowa State University, in Ames, held a unique type of IT Olympics for teens...

 

May 19, 2009

Effectively Explaining the Purpose of Information Classification to Employees

The topic for my Q2 2009 issue of Protecting Information was helping employees to understand why different types of information need different levels of security. Yes, this is information classification, but I describe it in a way that employees of all levels and responsibilities throughout an organization can understand. Here's how...

 

May 11, 2009

Secure360 Starts Tomorrow!

I drove up to St. Paul, MN, today and will be speaking, and look forward to attending the sessions, at Secure360.

 


Rebecca Herold's Bio:

Rebecca Herold, CISSP, CIPP, CISM, CISA, FLMI, has been providing information security, privacy and regulatory assistance and services to organizations from a wide range of industries for the past two decades. Rebecca was instrumental in building the information security and privacy program while at Principal Financial Group, which was awarded the CSI Information Security Program of the Year Award in 1998. IT Security ranked Rebecca as one of the top 59 IT security influencers, and Computerworld put Rebecca on their list of the world's best privacy experts and on their list of the best privacy consulting firms in both 2007 and 2008. Rebecca has been CPO for two consulting organizations, and has had her own information privacy, security and compliance business since 2004. Rebecca has written chapters for several books and dozens of articles, has been writing a monthly privacy column for the CSI Alert newsletter since the beginning of 2001, and is working on her 13th book. Some of her other books include The Privacy Papers, Managing an Information Security and Privacy Awareness and Training Program, The Definitive Guide to Security Inside the Perimeter (Realtime Publishers), The Shortcut Guide to Improving IT Service Support through ITIL (Realtime Publishers), and The Practical Guide to HIPAA Privacy and Security Compliance. In addition, Rebecca is the leader of The Realtime IT Compliance Community, where she posts to her IT Compliance weblog. You can contact Rebecca at: rebecca_herold@realtimepublishers.net.