Reviewing a list of data protection and compliance articles may seem a bit glum. These are rarely happy stories. Yet it’s worth it. Who knows? What you read today may help you avert disaster tomorrow. This week’s articles cover corporate transparency, risky employees, the benefits of executive leadership, training secrets and some carefully considered insight into phishing awareness and prevention. Enjoy.
Brendon Lynch, @brendonlynch
Microsoft’s Chief Privacy Officer welcomes the Obama administration’s proposed framework for privacy legislation, hoping it will, “. . . kick-start a much-needed conversation about how to protect people’s personal information.”
Roger Grimes, @rogeragromes
InfoWorld’s Roger Grimes shares a list of red flags he’s learned to recognize in employees who have the potential to cross ethical and legal thresholds of data protection and privacy.
In this year’s security report, Cisco demonstrates that businesses with executive-level sponsorship and accountability are better positioned to overcome security challenges. At the same time, less than 50% of survey respondents indicated they use common, readily available tools to prevent security breaches.
Arlie Hartman, @arliehartman
The Senior Security Advisor at Rook Security shares five secrets for creating effective security awareness training, including quiz first and reward after.
Bill Brenner, @billbrenner70
Akamai’s Bill Brenner was CSOonline’s Managing Editor when the site published Dave Aitel’s controversial “Why You Shouldn’t Train Employees for Security Awareness.” Though Brenner agrees with Aitel’s core idea, that the best way to prevent phishing is to stress test employees, he also explains why security awareness training itself is indispensable.