Weekly Data Protection & Compliance Links for March 13, 2015

Reviewing a list of data protection and compliance articles may seem a bit glum. These are rarely happy stories. Yet it’s worth it. Who knows? What you read today may help you avert disaster tomorrow. This week’s articles cover corporate transparency, risky employees, the benefits of executive leadership, training secrets and some carefully considered insight into phishing awareness and prevention. Enjoy.

White House Proposal Elevates Privacy, Transparency Discussion

Brendon Lynch, @brendonlynch
Microsoft’s Chief Privacy Officer welcomes the Obama administration’s proposed framework for privacy legislation, hoping it will “. . . kick-start a much-needed conversation about how to protect people’s personal information.”

7 Warning Signs an Employee has Gone Rogue

Roger Grimes, @rogeragromes
InfoWorld’s Roger Grimes shares a list of red flags he’s learned to recognize in employees who have the potential to cross ethical and legal thresholds of data protection and privacy.

2015 Annual Security Report: Strong Leadership Helps Address Security Challenges

Chris Fry
In this year’s security report, Cisco demonstrates that businesses with executive-level sponsorship and accountability are better positioned to overcome security challenges. At the same time, fewer than 50% of survey respondents indicated they use common, readily available tools to prevent security breaches.

Security Awareness Training: We’re doing it Wrong!

Arlie Hartman, @arliehartman
The Senior Security Advisor at Rook Security shares five secrets for creating effective security awareness training, including quiz first and reward after.

Security Awareness Programs: Better than Nothing

Bill Brenner, @billbrenner70
Akamai’s Bill Brenner was CSOonline’s Managing Editor when the site published Dave Aitel’s controversial “Why You Shouldn’t Train Employees for Security Awareness.” Though Brenner agrees with Aitel’s core idea, that the best way to prevent phishing is to stress test employees, he also explains why security awareness training itself is indispensable.
