Regulatory Reality:

security awareness


August 3, 2011  6:16 PM

Are you security unaware?



Posted by: David Schneier
compliance, GLBA, NCUA, NPPI, PII, regulatory, Regulatory Compliance, Security, security awareness

When I first started blogging professionally a colleague of mine cautioned that I should avoid posting anything where a client might recognize themselves in any story or example I might relate, good or bad.  And so in the years since I've gone to sometimes great length to anonymize my content to...

December 10, 2010  6:45 PM

Year-end begets regulatory compliance audit panic



Posted by: David Schneier
assessment, Audit, FFIEC, GLBA, PCI, red flags, red flags identity theft, regulatory, Regulatory Compliance, Security, security awareness, SOX

Sometime back in August I blogged about addressing outstanding compliance tasks before the year's end. We see it every year in my practice: Compliance and security folks wake up sometime right around now in a bit of a panic and realize that they're about to miss hitting on certain key regulatory...


August 25, 2010  4:07 PM

Are you GLBA compliant and ready for year-end?



Posted by: David Schneier
Audit, business continuity, business continuity planning, compliance, FDIC, GLBA, NCUA, penetration test, penetration testing, regulatory, Regulatory Compliance, risk, risk assessment, Security, security awareness, social engineering, Vendor Management, vulnerability test

Summer at home officially ended this morning as my children returned to school.  Beyond the fact that I consider it cruel and inhuman punishment to resume academic activities before Labor Day, it also serves as a wake-up call that we're well past mid-year on the traditional calendar and eying the...


April 23, 2010  10:14 PM

Compliance professionals need thick skins



Posted by: David Schneier
assessment, assessments, Audit, bcp, business continuity planning, controls, framework, general controls, GLBA, IT General Controls, NCUA, Regulatory Compliance, Security, security awareness, Vendor Management

I've often surprised people when it comes to conducting audit/assessment work or developing compliance programs.  Generally speaking I'm a reasonable person who typically exhibits an abundance of flexibility in my day-to-day life.  However when it comes to my career, I tend to be much more of a...


April 8, 2010  2:24 PM

Online identity theft: One victim’s story



Posted by: David Schneier
cyber security, id theft, information security, password, password theft, phish, phishing, Regulatory Compliance, scam, Security, security awareness

Last month I blogged about a phishing attempt that landed in my inbox.  The email account belonged to someone named Rebecca Keen who I had never heard of before (or so I believed at the time).  As I was finishing writing that post, I received a follow-up email from the same person indicating...


March 22, 2010  3:20 PM

Information security awareness begins at home



Posted by: David Schneier
ATM, Facebook, hack, hacker, information security, LinkedIn, Regulatory Compliance, Security, security awareness, social network

Sometimes the best blog ideas just fall into my lap. I was greeted by this status the other day on Facebook:  "
