Blog

New Report on Data Recovery Operations
January 24, 2012
As the use of third-party data recovery service providers continues to increase, so does the potential for a data breach to occur during the data recovery process.

Second Annual Patient Privacy Study Released
December 1, 2011
Widespread use of mobile devices is putting patient data at risk, according to the latest Ponemon Institute research on healthcare providers' patient privacy practices.

Best Practices in Data Protection Study Released
November 4, 2011
Sponsored by McAfee, the Best Practices in Data Protection survey is our latest effort to find out what separates the best organizations from the rest.


RSA Keynote Address by PGP CEO Phil Dunkelberger

March 23, 2010

Phil Dunkelberger RSA Keynote - Abridged

“Those that cannot remember the past are doomed to repeat it.” -George Santayana

The history of the information technology sector is one of constant transformation and reinvention. Whether it’s hardware platforms migrating from mainframes to mini-computers, to personal computers to smart phones or proprietary application interfaces being recreated for web browsers, the IT sector has distinguished itself by its rate of innovation and the ability to transition from one ...more

Posted by Dr. Larry Ponemon at 12:03 pm

Security in the Trenches

April 14, 2010

We just completed a survey of federal IT security professionals to examine the data protection posture of government agencies. Through the survey, sponsored by CA, we wanted to see whether or not there is consistency in the perception of rank-and-file employees and executive management as it pertains to the safeguarding of sensitive information, regulatory compliance, and the day-to-day management and execution of a security program.   What we found was interesting, and in keeping with what ...more

Posted by Dr. Larry Ponemon at 10:23 am

The Road to Data Breach is Paved with Good Intentions

April 19, 2010

We recently completed some new research with Accenture in which we were surprised to find that, in spite of all the attention being paid to data protection, and in spite of new and updated data protection regulations, complacency is beginning to settle in among many companies.   Yes, I said complacency.   Oh, don’t get me wrong: most organizations have good intentions with regard to data protection, but we all know where the road paved ...more

Posted by Dr. Larry Ponemon at 12:25 pm

Ponemon Institute/Crowe Horwath HIPAA HITECH Compliance Webinar

April 23, 2010

Curious about what American citizens think about the privacy of their sensitive medical information and how public opinion affects HIPAA HITECH compliance? The Ponemon Institute and Crowe Horwath will present a webinar on May 20th on the issue. Among the points of discussion:
• How are key stakeholders responding to increased PHI privacy regulations?
• How frequently are healthcare organizations testing and updating their HIPAA/HITECH compliance programs?
• How prevalent are deficiencies in HIPAA/HITECH compliance ...more

Posted by Susan Jayson at 11:16 pm

Think Before you Cloud

May 13, 2010

A few years ago, when wireless networking was still relatively new, there were numerous reports of enterprising employees who, frustrated with the pace of new technology integration in their workplace, took it upon themselves to deploy rogue access points – often hidden behind furniture or above drop-down ceiling panels – in order to provide convenient mobility around the office.   Problem was these clandestine devices, while providing a benefit to the user, were not industrial ...more

Posted by Dr. Larry Ponemon at 9:02 am

Benchmarking Information Security Efficiency

July 1, 2010

Recently the Ponemon Institute completed a new project, the Security Efficiency Benchmark Study, the purpose of which was to learn what IT security leaders in the UK and Europe think are the key components of an efficient and effective security operation. In other words, we wanted to know what is necessary for achieving data security goals and protecting information assets and infrastructure. As more and more organizations appoint chief information security officers and increase investments ...more

Posted by Dr. Larry Ponemon at 4:07 pm

Integrated, Holistic Security Strategies

July 12, 2010

Holistic is a popular word these days. Often applied to food and medicine, the word conjures images of natural, healthy living, but the word holistic refers to the function of an entity as a whole, including the interdependence of all its parts. Given this broader meaning, holistic can (and should) be applied when thinking strategically about the way a business organization operates. Successful, well-functioning organizations must adapt to change, be flexible in their relationships, and innovative in their ...more

Posted by Dr. Larry Ponemon at 8:30 am

Information Governance in the Cloud

July 15, 2010

Just a brief note to bring our recent webinar to your attention.  I presented Information Governance in the Cloud along with the good people at Symantec.  The presentation is based in part on results from our earlier report, Flying Blind in the Cloud. If you want to view the webinar, presented on the Windows Live Meeting platform, please click here. If you have any questions or comments about this issue, our report, or the webinar, we'd ...more

Posted by Dr. Larry Ponemon at 11:08 am

Poor Privacy Practice is Ailing Healthcare Industry

November 9, 2010

It has been more than six years since the ChoicePoint data breach thrust the issue of privacy protection into the headlines. Since then hundreds of information security failures have been disclosed and the tools and techniques used to keep sensitive information safe have advanced at a healthy pace. Recent incidents in the healthcare industry, however, strongly suggest that best practices have not been universally adopted. Looking deeper into this issue with our recent Benchmark Study on Patient ...more

Posted by Dr. Larry Ponemon at 6:05 am

Compliance Like a Club

January 31, 2011

Have you ever noticed how some organizations wield compliance like a club when marketing their products or services? They remind you of the latest in information security regulations, such as the HITECH Act or Mass 201 CMR 17, and then menacingly predict doom for those who transgress. If you fail to comply, their messages warn like a cross schoolmarm, the boogey man will flash his regulator badge and lower the boom (unless, of course, you buy the ...more

Posted by Dr. Larry Ponemon at 10:14 am