PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Cybersecurity vs. Humans: The Human Problem Requires a Human Answer

Data Security Human Error - Security Awareness Training

According to a recent Ponemon Institute study, the odds of an organization having a data breach are 1 in 4.  The study also found that the average cost of a data breach is $3.62 million in 2017.  That’s a drop of 10%, but the size of data breaches has increased. The Human Problem The vast […]

Ransomware The Horror Grows

As the FBI warned, ransomware has proven to be a formidable threat costing businesses over $1 billion in 2016, averaging 4,000 attacks per day. Ransomware forces victims to choose between losing access to their files or paying a fee that can range between hundreds and thousands of dollars. Ransomware has already made headlines in the first […]

Privacy Cartoon: Privacy Budget vs. Security Budget

Cartoon Privacy vs. Security Budget

  My cartoon depicts the discrepancy in the security and privacy budgets at many organizations.  Of course, the cartoon is an exaggeration.  In an IAPP survey of Chief Privacy Officers at Fortune 1000 companies in 2014, privacy budgets were nearly half of what security budgets were.  That’s actually better for privacy than many might expect. […]

The Future of the FTC on Privacy and Security

Co-authored by Professor Woodrow Hartzog The Federal Trade Commission is the most important federal agency regulating privacy and security. Its actions and guidance play a significant role in setting the privacy agenda for the entire country. With the Trump Administration about to take control, and three of the five Commissioner seats open, including the Chairperson, […]

Notable Privacy and Security Books 2016

Notable Privacy Security Books 2016 - TeachPrivacy 01

Here are some notable books on privacy and security from 2016. To see a more comprehensive list of nonfiction works about privacy and security, Professor Paul Schwartz and I maintain a resource page on Nonfiction Privacy + Security Books.

The Funniest Hacker Stock Photos 2.0

Security Training

Back by popular demand, it’s time for another round of the funniest hacker stock photos.  Because I create information security awareness training (and HIPAA security training too), I  frequently find myself in need of a good hacker photo. But good hacker photos are hard to find.  I often browse through countless images, each one more […]

The 5 Things Every Privacy Lawyer Needs to Know about the FTC: An Interview with Chris Hoofnagle

Privacy and Security Training

The Federal Trade Commission (FTC) has become the leading federal agency to regulate privacy and data security. The scope of its power is vast – it covers the majority of commercial activity – and it has been enforcing these issues for decades. An FTC civil investigative demand (CID) will send shivers down the spine of […]

Can the FBI Force Apple to Write Software to Weaken Its Software?

Privacy Awareness Training

A dramatic legal battle is taking place that will have dramatic implications for the future of technology, privacy, security, and the extent of government power.  The FBI obtained an order from a magistrate judge to force Apple to develop software to help the FBI break into an encrypted iPhone.