According to a recent Ponemon Institute study, the odds of an organization having a data breach are 1 in 4. The study also found that the average cost of a data breach is $3.62 million in 2017. That’s a drop of 10%, but the size of data breaches has increased. The Human Problem The vast […]
Category: Training: Data Security
Posts about Data Security Training by Professor Daniel J. Solove for his blog at TeachPrivacy, a privacy awareness and security training company.
Law Firm Cybersecurity: An Industry at Serious Risk
Last year, major incidents involving law firm data breaches brought attention to the weaknesses within law firm data security and the need for more effective plans and preparation. An American Bar Association (ABA) survey reveals that 26% of firms (with more than 500 attorneys) experienced some sort of data breach in 2016, up from 23% in 2015.
Epilogue to the St. Louis Cardinals Baseball Hacking Case
A while ago, I wrote about a case involving a member of the St. Louis Cardinals baseball team staff who improperly accessed a database of the Houston Astros. There is now an epilogue to report in the case. The individual who engaged in the illegal access — a scouting director named Chris Correa — […]
Ransomware: A Cartoon to Brighten More Bad News
I have good news and bad news about ransomware. First, the good news — here’s a cartoon I created. I hope you enjoy it, because that’s the only good news i have. Now, for the bad news . . . The Bad News: Be Afraid, Very Afraid Everyone seems to be afraid of ransomware these […]
Is a Ransomware Attack a HIPAA Data Breach?
As ransomware escalates and poses serious security risks for healthcare institutions, many privacy experts and legislators have called for more specific guidance from the U.S. Department of Health and Human Services (HHS). A few weeks ago, HHS responded to these calls with a detailed fact sheet to explain ransomware and provide advice. Although most of […]
Passwords Cartoon – Security Awareness Training
Here’s a cartoon I created to illustrate the importance of security awareness training. I hope you find it amusing.
Ransomware Growing Out of Control
Security experts are sounding the alarm bell as ransomware attacks continue to increase rapidly since my last post on the subject.
New Resource Page: How to Make Security Training Effective
I recently created a new resource page — How to Make Security Training Effective. The page contains my advice for how to make security training memorable and effective in changing behavior. Training the workforce is an essential way to protect data security, but not all training endeavors are successful. Poor training is akin to shouting […]
New Resource Page: Security Awareness Training FAQ
What laws require security awareness training? What topics do the laws require to be covered? What should be covered? How frequently should training be given? I recently created a new resource page — Security Awareness Training FAQ — to answer the above questions and more. I discuss various legal and industry requirements for security awareness […]
6 Reasons to Visit the TeachPrivacy Booth at the IAPP Summit 2016
Please stop by the TeachPrivacy booth at the expo at the IAPP Summit. 1. Play our new game. See if you can spot all the privacy and data security risks in this scene. Pick up a copy of the scene, see our poster, and try out our interactive module.