Posts about Data Security by Professor Daniel J. Solove for his blog at TeachPrivacy, a privacy awareness and security training company.
A while ago, I wrote about a case involving a member of the St. Louis Cardinals baseball team staff who improperly accessed a database of the Houston Astros. There is now an epilogue to report in the case. The individual who engaged in the illegal access — a scouting director named Chris Correa — […]
It’s time for a third installment of the funniest hacker stock photos. Because I create information security awareness training (and HIPAA security training too), I’m always in the hunt for hacker photos. There are so many absurd ones that I can make enough Funniest Hacker Stock Photo posts to keep pace with Disney in making […]
Here are some notable books on privacy and security from 2016. To see a more comprehensive list of nonfiction works about privacy and security, Professor Paul Schwartz and I maintain a resource page on Nonfiction Privacy + Security Books.
Harm has become the key issue in data breach cases. During the past 20 years, there have been hundreds of lawsuits over data breaches. In many cases, the plaintiffs have evidence to establish that reasonable care wasn’t used to protect their data. But the cases have often been dismissed because courts conclude that the […]
Hacking is easy. My latest cartoon is based on the fact that many hacking attacks involve rather simple and common tactics. Why try the hard stuff when the easy stuff works so well? All it takes is for one person to fall for a social engineering trick, and the hackers can break in.
In a series of posts, I have written about some of my favorite media regarding privacy and security: TV shows, movies, and novels. When I wrote about TV shows, a number of people recommended the show Black Mirror. I have now seen all the episodes thus far, and I am happily adding it to the […]
Why do phishers waste their time with such obvious phishing scams when they can do so much better? One possible answer: They don’t have to do better. They send out so many emails that they only need a very low percentage of people to click. And people always do. In fact, if phishing emails became […]
Contracting with cloud service providers has long been a world shrouded in fog. Across various organizations, cloud service agreements (CSAs) are all over the place, and often many people entering into these contracts have no idea what provisions they should have to protect their data.
A recent article in Wired argues that it is time to kill password recovery questions. Password recovery questions are those questions that you set up in case you forget your password. Common questions are: In what city were you born? What is your mother’s maiden name? Where did you go to high school?
I have good news and bad news about ransomware. First, the good news — here’s a cartoon I created. I hope you enjoy it, because that’s the only good news i have. Now, for the bad news . . . The Bad News: Be Afraid, Very Afraid Everyone seems to be afraid of ransomware these […]