Blogs

  • How to build a safety culture in three steps

    by Ben Rothke on April 14, 2010

    This is an article from Aviation International News. While it is about aviation safety, the key points, namely about a culture, ring true for information security. How to build a safety culture in three steps By: John Goglia April 1, 2010 There are no petri dishes where we could grow a perfect strain of safety culture and inject it into those aviation organizations that clearly seem to need it. …

  • Missouri's Breach Notification Law

    by Stephen Wu on April 13, 2010

    Missouri became the 45th state to enact a breach notification law. Mo. Rev. Stat. §§ 407.1500.1-407.1500.4. Missouri’s governor signed the enabling legislation, H.B. 62, into law last July. It went into effect last August 28. For a copy of H.B. 62, click here. H.B. 62 covers “personal information” consisting of a name in combination with a driver’s license number, Social Security number, or…

  • Montana's Amendments to Its Breach Notification Law

    by Stephen Wu on April 7, 2010

    Last April, Montana added a public sector breach notification requirement to its existing private sector breach notification law. Mont. Code Ann. § 30-14-1704. The new law, enacted as H.B. 155, went into effect on October 1, 2009. It applies to “state agencies,” and creates a breach notification requirement for agencies maintaining data containing personal information. For a copy of H.B. 155, …

  • Washington's New PCI-Based Card Reissuance Liability Law

    by Stephen Wu on March 27, 2010

    On March 22, 2010, Washington’s governor signed a new law that holds businesses and card processors liable for the cost of reissuing cards following a security breach caused by their negligence. The legislation, H.B. 1149, goes into effect on July 1, 2010. H.B. 1149 § 3 (2010). For a copy of H.B. 1149, click here. Covered businesses are those that process more than 6 million card transactions a…

  • Preview - Cryptography Engineering: Design Principles and Practical Applications

    by Ben Rothke on March 26, 2010

    I just got a copy of Cryptography Engineering: Design Principles and Practical Applications. Think of it as an update to Applied Cryptography. While not as dense as Applied Cryptography, it does update the contents significantly. This should be a required read for any serious student of cryptography.

  • On the Road at RSA 2010 – interviews of thought leaders from the conference

    by Ben Rothke on March 19, 2010

    I have a 4-part set of video interviews of thought leaders that I took at RSA 2010. Check the videos out at: Part 1 - http://www.btsecurethinking.com/2010/03/on-the-road-at-rsa-2010-%E2%80%93-part-1/ Pete Lindstrom – “New attacks and counter attack trends” Uri Rivner – “Current state of cyber attack trends” Steve Teppler – “Legal aspects and electronic discovery” Part 2 - http://www.btsecurethin…

  • Pension Committee Case Changes eDiscovery Landscape

    by Stephen Wu on March 18, 2010

    United States District Judge Shira Scheindlin in Manhattan's federal court has been one of the leading lights in the federal judiciary in the field of electronic discovery since her landmark Zubulake v. UBS decisions in 2003 and 2004. This year, six years after her Zubulake decision about attorneys' affirmative duty to monitor compliance with the eDiscovery rules, Judge Scheindlin issued…

  • Reflections on Physical Security and Critical Infrastructure Track at RSA

    by Gib Sorebo on March 17, 2010

    Now that the RSA Conference is a pleasant memory, I wanted to reflect on the newly renamed Physical Security and Critical Infrastructure Track. In response to growing interest in maintaining the security of power plants, chemical facilities, pipelines, transportation systems, and many other industries dominated by industrial control systems and related equipment, RSA Conference organizers added…

  • My slides from the PechaKucha (PK) Happy Hour

    by Ben Rothke on March 5, 2010

    The inaugural RSA PechaKucha (PK) Happy Hour was a huge success. My slides from last night’s PK event: Knowledge is power. A great way to become a powerful security professional is by reading. But what books should a busy security professional be reading? are at https://365.rsaconference.com/docs/DOC-2508 Slides for the other presenters are at https://365.rsaconference.com/community/connect/rsa-c…

  • Tales from the Info Security Reading Room

    by Ben Rothke on March 4, 2010

    I am presenting at the RSA PechaKucha Happy Hour tonight - Thurs. March 4, 2010 on ‘Tales from the Info Security Reading Room: Most of the Best and a Little of the Worst’ Knowledge is power. A great way to become a powerful security professional is by reading. But what books should a busy security professional be reading? http://www.rsaconference.com/2010/usa/agenda-and-sessions/pecha-kucha-hap…

This document was retrieved from http://www.rsaconference.com/blogs on Sat, 02 Aug 2014 02:32:36 -0400.