PRIVACY + SECURITY BLOG

News, Developments, and Insights

The Most Effective Factor in Education

by Daniel J. Solove

I’ve been a teacher for the past 15 years, and I’ve taught in several mediums including live classes and computer-based e-learning. I have come to the conclusion that the most effective factor in education and training is fostering emotional investment. Simply put, students must care about learning the material. The more […]

Is Data Security Awareness Training Effective?

by Daniel J. Solove

A recent article in CIO explores the question: Is data security awareness training effective? The answer: Yes. The article points to an ISACA study that seeks to measure the effectiveness of data security awareness training. The study concludes: “Security awareness training is a vital nontechnical component to information security. As such, […]

Data Security Is an Art, Not Just a Science

by Daniel J. Solove

Far too often, the mandate for data security is simply to “secure it,” and people often think of data security as a set of clear choices. This is in contrast to privacy, which is understood as a set of muddy policy issues. But data security is, in fact, quite muddy itself. […]

4 Points About the Target Breach and Data Security

by Daniel J. Solove

There seems to be a surge in data security attacks lately. First came news of the Target attack. Then Neiman Marcus. Then the U.S. Courts. Then Michael’s. Here are four points to consider about data security: 1. Beware of fraudsters engaging in post-breach fraud. After the Target breach, fraudsters sent out […]

Data Security: The Greatest Threat Is Internal

by Daniel J. Solove

A PC World article discusses a new study by Forrester that reveals that internal threats are the “leading cause” of data breaches. The survey involved companies in Canada, France, Germany, the UK, and the US. The study revealed that 36% of breaches involve “inadvertent misuse of data by employees.” According to […]

A List of Privacy Training and Data Security Training Requirements in Laws, Regulations, and Industry Codes

by Daniel J. Solove

I was recently asked whether I had a list of the various laws, regulations, and industry codes that require privacy and/or data security training. I know about a number of training requirements, but didn’t have a formal list. I realized that such a list would be useful, so I created one […]

Higher Education Needs Privacy Officers and Privacy/Security Training

In 2007, Seung Cho, a student at Virginia Tech, killed 32 students and faculty and wounded 17. He then committed suicide. One of the most troublesome things about this incident was that it might have been prevented if school officials and employees had a better grasp of privacy law. Appointed by the state governor, the […]

Educational Institutions and Cloud Computing: A Roadmap of Responsibilities

by Daniel J. Solove

Increasingly, educational institutions and state entities handling student data are hiring outside companies to perform cloud computing functions related to managing personal information. The benefits of cloud computing are that outside entities might be more sophisticated at managing personal data. These entities may be able to manage data more inexpensively and […]

Data Security and the Human Factor: Training and Its Challenges

Posted by Daniel J. Solove

According to a stat in SC Magazine, 90% of malware requires a human interaction to infect. One of the biggest data security threats isn’t technical – it’s the human factor. People click when they shouldn’t click, put data on portable devices when they shouldn’t, email sensitive information, and engage in […]