http://www.ponemon.org/ Welcome to my new blog. I look forward to providing interesting content from our latest research studies. Please stay tuned to some very thought provoking research! http://www.ponemon.org/blog/post/increasing-encryption-deployments-the-response-to-compliance-regulations-cyber-attacks  Dear Friends, please join me on Thursday, April 24, 2012 at 2 PM EST where I will be speaking about the usage of encryption and how it has been evolving Tue, 24 Apr 2012 12:29:20 -0400 en http://www.ponemon.org/blog/post/second-annual-patient-privacy-study-released  Widespread use of mobile devices is putting patient data at risk, according to the latest Ponemon Institute research on healthcare providers' patient privacy practices Thu, 01 Dec 2011 09:13:44 -0500 en http://www.ponemon.org/blog/post/best-practices-in-data-protection-study-released  Sponsored by McAfee, the Best Practices in Data Protection survey is our latest effort to find out what separates the best organizations from the rest Fri, 04 Nov 2011 19:09:03 -0400 en http://www.ponemon.org/blog/post/second-cost-of-cyber-crime-study-is-released-today Today we released our Second Annual Cost of Cyber Crime Study.  Our findings support other research studies suggesting increases in the frequency, severity and overall cost of cyber attacks on private and public sector organizations Tue, 02 Aug 2011 11:04:14 -0400 en http://www.ponemon.org/blog/post/most-trusted-companies-for-privacy Ponemon Institute is releasing our annual Most Trusted Companies for Privacy study this coming week.  This is the eighth year that we conducted a U Sun, 31 Jul 2011 10:55:25 -0400 en http://www.ponemon.org/blog/post/ponemon-releases-cloud-server-provider-study Last week with CA Technologies we issued the results of a study of cloud service providers and their views on cloud security. There has been a lot of interest in this study Mon, 02 May 2011 16:51:00 -0400 en http://www.ponemon.org/blog/post/are-we-taking-adequate-steps-to-protect-the-critical-infrastructure Last week I presented the results of our latest study entitled, "The State of IT Security: A Study of Utilities and Energy Companies Sun, 03 Apr 2011 11:06:59 -0400 en http://www.ponemon.org/blog/post/cost-of-a-data-breach-climbs-higher Most privacy advocates and people in the data protection community believe that data breach costs will start coming down eventually because consumers will become somewhat immune to data breach news Tue, 08 Mar 2011 10:00:11 -0500 en http://www.ponemon.org/blog/post/listen-to-a-new-podcast-on-the-true-cost-of-compliance-study Dear friends and colleagues, Please listen to a recent podcast on the True Cost of Compliance study completed last month.  Martin KcMeay at Network Security Blog did a great job conducting this 30 minute interview Mon, 07 Mar 2011 09:31:34 -0500 en http://www.ponemon.org/blog/post/compliance-like-a-club Have you ever noticed how some organizations wield compliance like a club when marketing their products or services? They remind you of the latest in information security regulations, such as the HITECH Act or Mass 201 CMR 17, and then menacingly predict doom for those who transgress Mon, 31 Jan 2011 10:14:03 -0500 en http://www.ponemon.org/blog/post/poor-privacy-practice-is-ailing-healthcare-industry It has been more than six years since the ChoicePoint data breach thrust the issue of privacy protection into the headlines. Since then hundreds of information security failures have been disclosed and the tools and techniques used to keep sensitive information safe have advanced at a healthy pace Tue, 09 Nov 2010 06:05:03 -0500 en http://www.ponemon.org/blog/post/power-outages-and-data-management I hear the collective sound of our friends, colleagues, and other interested parties scratching their heads at the release of the most recent piece of Ponemon Institute research, National Survey on Data Center Outages Thu, 14 Oct 2010 16:12:17 -0400 en http://www.ponemon.org/blog/post/information-governance-in-the-cloud Just a brief note to bring our recent webinar to your attention.  I presented Information Governance in the Cloud along with the good people at Symantec Thu, 15 Jul 2010 11:08:59 -0400 en http://www.ponemon.org/blog/post/integrated-holistic-security-strategies Holistic is a popular word these days. Often applied to food and medicine, the word conjures images of natural, healthy living, but the word holistic refers to the function of an entity as a whole, including the interdependence of all its parts Mon, 12 Jul 2010 08:30:09 -0400 en http://www.ponemon.org/blog/post/benchmarking-information-security-efficiency Recently the Ponemon Institute completed a new project, the Security Efficiency Benchmark Study, the purpose of which was to learn what IT security leaders in the UK and European think are the key components to having an efficient and effective security operation Thu, 01 Jul 2010 16:07:39 -0400 en http://www.ponemon.org/blog/post/think-before-you-cloud A few years ago, when wireless networking was still relatively new, there were numerous reports of enterprising employees who, frustrated with the pace of new technology integration in their workplace, took it upon themselves to deploy rogue access points – often hidden behind furniture or above drop-down ceiling panels – in order to provide convenient mobility around the office Thu, 13 May 2010 09:02:21 -0400 en http://www.ponemon.org/blog/post/fear-and-loathing-in-online-advertising Have you ever seen an interactive advertisement while browsing around on the Web and, even though it was from a brand that you r Mon, 03 May 2010 14:21:47 -0400 en http://www.ponemon.org/blog/post/the-road-to-data-breach-is-paved-with-good-intentions We recently completed some new research with Accenture in which we were surprised to find that, in spite of all the attention being paid to data protection, and in spite of new and updated data protection regulations, complacency is beginning to settle in among many companies Mon, 19 Apr 2010 12:25:45 -0400 en http://www.ponemon.org/blog/post/security-in-the-trenches We just completed a survey of federal IT security professionals to examine the data protection posture of government agencies. Through the survey, sponsored by CA, we wanted to see whether or not there is consistency in the perception of rank-and-file employees and executive management as it pertains to the safeguarding of sensitive information, regulatory compliance, and the day-to-day management and execution of a security program Wed, 14 Apr 2010 10:23:18 -0400 en http://www.ponemon.org/blog/post/rsa-keynote-address-by-pgp-ceo-phil-dunkelberger  Phil Dunkelberger RSA Keynote - Abridged “Those that cannot remember the past are doomed to repeat it.” -George Santayana The history of the information technology sector is one of constant transformation and reinvention Tue, 23 Mar 2010 12:03:47 -0400 en http://www.ponemon.org/blog/post/is-training-is-the-strongest-link-to-privacy-programs Today we held a RIM College event featuring three noted experts in corporate privacy training programs -- namely, Dean Forbes (Merck), Bob Posch (Merck) and John Block (Media Pro) Thu, 10 Dec 2009 15:50:46 -0500 en http://www.ponemon.org/blog/post/sophos-ponemon-institute-announce-the-state-of-privacy-and-data-security-compliance We are pleased to present The State of Privacy and Data Security Compliance study conducted by Ponemon Institute and sponsored by Sophos Sat, 05 Dec 2009 15:22:16 -0500 en http://www.ponemon.org/blog/post/crowe-horwath-ponemon-release-hitech-study I am delighted to share with you our recently completed benchmark study that focuses on healthcare organizations and their ability to comply with new regulations Sat, 21 Nov 2009 11:49:27 -0500 en http://www.ponemon.org/blog/post/egov-initiative-not-without-risk-to-citizen-data The eGovernment movement is a good thing, and maybe too long in coming given how many years businesses have been taking advantage of technology to provide convenience and a higher quality of service to their customers Thu, 19 Nov 2009 07:36:01 -0500 en http://www.ponemon.org/blog/post/the-goal-is-credibility I want to share an article with you that I think has a tremendous lesson for anyone in the business of building trust.  The article is from a recent edition of Foreign Policy (reprinted from Joint Force Quarterly), but don't let the source put you off Mon, 31 Aug 2009 14:20:28 -0400 en