http://www.ponemon.org/ Ponemon Institute Blog http://www.ponemon.org/blog/post/legislating-social-privacy There’s a great deal of talk these days about privacy and social media. Specifically, services like Google, Facebook, Twitter, and other popular social networking platforms are coming under increased scrutiny over their privacy policies and data sharing practices Fri, 30 Jul 2010 14:20:26 -0400 en http://www.ponemon.org/blog/post/when-privileged-access-is-no-longer-a-privilege I just read an interesting multi-part investigative report in the Washington Post about how intelligence gathering – and the bureaucracy that has risen since September 11, 2001 to facilitate the harvest and analysis of that information – has spun beyond the federal government’s control, not to mention its ability to make use of the sheer abundance of information Mon, 19 Jul 2010 14:59:42 -0400 en http://www.ponemon.org/blog/post/information-governance-in-the-cloud Just a brief note to bring our recent webinar to your attention.  I presented Information Governance in the Cloud along with the good people at Symantec Thu, 15 Jul 2010 11:08:59 -0400 en http://www.ponemon.org/blog/post/car-talk-and-compliance Are you familiar with Click and Clack, the Magliozzi brothers of NPR’s hilarious auto repair show Car Talk? Tom and Ray are blessed with both an encyclopedic knowledge of automotive troubleshooting, and with an on-air chemistry that makes mechanics interesting and entertaining Wed, 14 Jul 2010 11:14:23 -0400 en http://www.ponemon.org/blog/post/integrated-holistic-security-strategies Holistic is a popular word these days. Often applied to food and medicine, the word conjures images of natural, healthy living, but the word holistic refers to the function of an entity as a whole, including the interdependence of all its parts Mon, 12 Jul 2010 08:30:09 -0400 en http://www.ponemon.org/blog/post/advanced-cyberthreats-are-you-ready   Last September I had the privilege of addressing an audience of IT professionals from the chemical industry during the ChemITC Annual Conference Tue, 06 Jul 2010 17:12:47 -0400 en http://www.ponemon.org/blog/post/benchmarking-information-security-efficiency Recently the Ponemon Institute completed a new project, the Security Efficiency Benchmark Study, the purpose of which was to learn what IT security leaders in the UK and European think are the key components to having an efficient and effective security operation Thu, 01 Jul 2010 16:07:39 -0400 en http://www.ponemon.org/blog/post/oil-spills-and-data-drills My heart sinks day by day as I watch events unfolding in the Gulf of Mexico. I doubt if anyone can begin to comprehend the potential extent of the devastation taking place as a result of the catastrophe Sun, 20 Jun 2010 13:06:04 -0400 en http://www.ponemon.org/blog/post/cold-war-and-a-hot-furnace I was a U.S. Navy intelligence specialist assigned to VA-55 (go Warhorses!), a bomber squadron based at NAS Oceana in Virginia Beach, Virginia Wed, 09 Jun 2010 10:44:04 -0400 en http://www.ponemon.org/blog/post/facebooks-pioneering-privacy-path Wow. Facebook seems to have rubbed a lot of folks the wrong way -- again. Time Magazine  put the company on the cover this week following yet another privacy misstep and an admission by CEO Mark Zuckerberg that, perhaps, the company had made a few mistakes in calculating the public’s acceptance of its data use practices Wed, 26 May 2010 11:47:24 -0400 en http://www.ponemon.org/blog/post/think-before-you-cloud A few years ago, when wireless networking was still relatively new, there were numerous reports of enterprising employees who, frustrated with the pace of new technology integration in their workplace, took it upon themselves to deploy rogue access points – often hidden behind furniture or above drop-down ceiling panels – in order to provide convenient mobility around the office Thu, 13 May 2010 09:02:21 -0400 en http://www.ponemon.org/blog/post/fear-and-loathing-in-online-advertising Have you ever seen an interactive advertisement while browsing around on the Web and, even though it was from a brand that you r Mon, 03 May 2010 14:21:47 -0400 en http://www.ponemon.org/blog/post/global-data-breach-costs-examined-for-first-time Without a doubt the Ponemon Institute’s most popular study is our Annual Cost of a Data Breach study, a case study analysis of U Wed, 28 Apr 2010 12:13:35 -0400 en http://www.ponemon.org/blog/post/ponemon-institute-crowe-horwath-hipaa-hitech-compliance-webinar Curious about what American citizens think about the privacy of their sensitive medical information and how public opionion affects HIPAA HITECH compliance? The Ponemon Institute and Corwe Horwath will present a webinar on May 20th on the issue Fri, 23 Apr 2010 23:16:06 -0400 en http://www.ponemon.org/blog/post/littler-mendelson-on-quon Our good friend Phil Gordon, one of the sharpest minds on privacy and labor/employment law, offers an interesting view of today's oral argument before the U Mon, 19 Apr 2010 22:31:51 -0400 en http://www.ponemon.org/blog/post/the-road-to-data-breach-is-paved-with-good-intentions We recently completed some new research with Accenture in which we were surprised to find that, in spite of all the attention being paid to data protection, and in spite of new and updated data protection regulations, complacency is beginning to settle in among many companies Mon, 19 Apr 2010 12:25:45 -0400 en http://www.ponemon.org/blog/post/security-in-the-trenches We just completed a survey of federal IT security professionals to examine the data protection posture of government agencies. Through the survey, sponsored by CA, we wanted to see whether or not there is consistency in the perception of rank-and-file employees and executive management as it pertains to the safeguarding of sensitive information, regulatory compliance, and the day-to-day management and execution of a security program Wed, 14 Apr 2010 10:23:18 -0400 en http://www.ponemon.org/blog/post/sit-down-and-talk-with-your-kids I've had a positive and heartening response to my recent post about my experience creating a bogus Facebook account to illustrate the ease with which someone can gain access to kids' accounts Fri, 02 Apr 2010 09:59:23 -0400 en http://www.ponemon.org/blog/post/information-security-and-a-leaky-roof Here on the East Coast we’ve been treated to a mild but very wet spring and it reminds me of a story my dad told me when I was a young boy Mon, 29 Mar 2010 20:05:56 -0400 en http://www.ponemon.org/blog/post/rsa-keynote-address-by-pgp-ceo-phil-dunkelberger  Phil Dunkelberger RSA Keynote - Abridged “Those that cannot remember the past are doomed to repeat it.” -George Santayana The history of the information technology sector is one of constant transformation and reinvention Tue, 23 Mar 2010 12:03:47 -0400 en http://www.ponemon.org/blog/post/ozob-s-tale-clowning-around-with-kids-and-facebook In February I was invited to be part of a panel presentation at Darien High School in Darien, Connecticut. The school decided to take action and confront some issues related to prudent use of Facebook following a betrayal of trust among a small group of students that spilled over from a private, off campus affair into a public situation on school grounds Thu, 18 Mar 2010 22:22:54 -0400 en http://www.ponemon.org/blog/post/consumer-influences-on-most-trusted-for-privacy FoxBusiness.com called the other day asking if we might be interested in talking about our annual Most Trusted Companies for Privacy study Thu, 04 Mar 2010 20:35:11 -0500 en http://www.ponemon.org/blog/post/use-what-works-to-create-a-culture-of-privacy I was in an industrial facility recently and noticed large banners on the walls proclaiming “12 Years without a Safety Incident Sun, 20 Dec 2009 12:03:25 -0500 en http://www.ponemon.org/blog/post/is-training-is-the-strongest-link-to-privacy-programs Today we held a RIM College event featuring three noted experts in corporate privacy training programs -- namely, Dean Forbes (Merck), Bob Posch (Merck) and John Block (Media Pro) Thu, 10 Dec 2009 15:50:46 -0500 en http://www.ponemon.org/blog/post/sophos-ponemon-institute-announce-the-state-of-privacy-and-data-security-compliance We are pleased to present The State of Privacy and Data Security Compliance study conducted by Ponemon Institute and sponsored by Sophos Sat, 05 Dec 2009 15:22:16 -0500 en