• Webinar June 8 - Effective Data Destruction Practices

    by Ben Rothke on June 3, 2010

    I am giving a webinar on June 8 on 'Effective Data Destruction Practices' at 10:00AM Pacific, 1:00PM Eastern, for O'Reilly Media. Changes in data storage technologies, new Federal and State data privacy regulations and other factors have created an urgent need to have effective electronic records destruction practices. This session will detail the specifics of these changes and how organizations…

  • Is the oil industry due for a little cyber security attention?

    by Gib Sorebo on June 1, 2010

    The legal profession is often seen as having the rather dubious distinction of seeking to profit at the misfortunes of others or, more simply, of being ambulance chasers. As law graduate myself, I don’t dispute that many practicing lawyers get rather aggressive around accident sites. Nonetheless, much of the profession’s bad name derives instead from the highly valuable function they perform, …

  • New Jersey Law on Interception of Internet Communications

    by Stephen Wu on May 27, 2010

    In October, New Jersey enacted cybercrime legislation signed by Governor Corzine authorizing the interception of wire or electronic communications of “computer trespassers.” A 3761 (2009). For a copy of the legislation, click here. Under A 3761, persons acting “under color of law” are authorized to “to intercept the wire or electronic communications of a suspected computer trespasser transmitted…

  • Books from SAP Press

    by Ben Rothke on May 25, 2010

    I recently came upon SAP Press, an imprint that seems somewhat new. They focus on titles around SAP and NetWeaver. They have a number of books on risk and compliance – see, which seems to be of value for anyone needed to secure or audit an SAP environment. There does not seem to be any titles specifically around SAP security;…

  • Preview - Vein Pattern Recognition: A Privacy-Enhancing Biometric

    by Ben Rothke on May 22, 2010

    I just got a copy of Vein Pattern Recognition: A Privacy-Enhancing Biometric. So far seems like a good book. Provides and overview of various biometric techniques, with an emphasis on vein pattern recognition (VPR). The claim is that VPR is more accurate than many other biometric methods and offers greater resistance to spoofing. Stay tuned for a complete review.

  • New Mississippi Breach Notification Law

    by Stephen Wu on May 15, 2010

    On April 7, 2010, Mississippi became the 46th state in the U.S. to enact breach notification legislation when the governor signed H.B. 583. The Mississippi House passed the legislation in January, and the Mississippi Senate amended and passed a version of H.B. 583 in March. The legislation covers businesses holding the personal information of Mississippi residents. For a copy of Mississippi H.B. …

  • California Information Security Legislative Update

    by Stephen Wu on May 5, 2010

    Last year, California addressed the disposal of personal information by enacting AB 1094, which provides a safe harbor for storage companies or landlords when they end up with others’ records containing personal information. Governor Schwarzenegger, however, vetoed legislation, SB 20, to enhance the state’sbreach notification law to require notification to the California AttorneyGeneral, in…

  • The Illusion of Due Diligence

    by Ben Rothke on April 28, 2010

    The Illusion of Due Diligence is a great new book from Jeff Bardin. Full disclosure, Jeff is a friend of mine, and I wrote the introduction to the book, so this is more of an announcement and not a book review. The book is an in the trenches narrative about Jeff’s experiences in the CISO wild. Jeff is a guy who really gets security, and the book is a must read for anyone who also wants to get the…

  • Fatal System Error: The Hunt for the New Crime Lords Who are Bringing Down the Internet

    by Ben Rothke on April 23, 2010

    Fatal System Error: The Hunt for the New Crime Lords Who are Bringing Down the Internet is a non-fiction cyber-thriller with super analytical advice. As computing and technology has evolved, so too have the security threats correspondingly evolved. The classic Yankee Doodle virus of 1989 did minimal damage, all while playing a patriotic, albeit monotone song. In 2010, aggressive malware now…

  • Smart Grid Security Jitters

    by Gib Sorebo on April 21, 2010

    Over the last couple years, those in the Smart Grid security community have witnessed a number of news reports on vulnerabilities with Smart Grid technology that are not particularly flattering. For example, a widely circulated AP article called into question the security of various smart meters currently being deployed. However, the article left out some of the caveats noted during their…

This document was retrieved from on Sat, 28 Mar 2015 23:06:21 -0400.
© 2015 EMC Corporation. All rights reserved.