PRIVATE SECTOR UPDATE — DHS Presents State of America’s Homeland Security

PS-Prep strategy planning groups, along with all business continuity and risk management members of teams in organizations of all sizes should be interested in listening to Janet Napolitano, Department of Homeland Security Secretary (DHS), as she delivers the second annual State of America’s Homeland Security address, on Monday, January 30 2012 at 1:00 PM EST. Increasing our nation’s security and resilience remains a goal achieved through strong connections between DHS and our nation’s private sector. Click here to watch Janet Napolitano’s presentation LIVE on Monday, January 30 2012 at … [Read more...]

Business Continuity and Emergency Management Plan Testing — Need Help Pitching the Need?

Many of the readers of this website belong to emergency management and business continuity planning teams.  And, hopefully, those disaster preparedness focused teams are testing their emergency, continuity and disaster recovery plans regularly. But if not, or if those risk management centered groups are looking for some useful information to assist the testing of those BC/DR plans, then, an article written by Jim Satterfield is a valuable resource to turn to when you need content and reasons to convince your fellow BC/DR team members – or even upper management -- that funding and support is … [Read more...]

Privacy and Security Controls in Your Corporate Board Room — Perhaps a Review is Necessary

In a recent article written by NICOLE PERLROTH a potential risk mitigation event was revealed and should be cause for all organization’s to re-verify that camera’s used in their corporate board rooms are properly and verifiably protected from hackers. Ten years ago, videoconferencing systems were complicated and erratic, and ran on expensive, closed high-speed phone lines. Over the last decade, however, videoconferencing — like everything else — migrated to the Internet. Now, many businesses use Internet protocol videoconferencing — a souped-up version of Skype — to connect with … [Read more...]

Google Plans to Alter Privacy Policy and Terms of Service

The actions and decisions of Google can potentially affect many information security teams in organizations across the globe.  With that thought in mind, a recent announcement by Google to alter its privacy policy and terms of service to reflect the fact that it is now going to combine data from its various services into a single user profile may well be an event that requires close study, review and evaluation regarding an organization’s own existing privacy policy – i.e. particularly where services such as Google are involved. It goes without saying that this privacy change by Google … [Read more...]

New Members Named to 2012 ASIS Commission on Standards and Guidelines

ASIS recently announced the selection of members that have been named to the 2012 ASIS Commission on Standards and Guidelines.  This commission has the responsibility to advance the practice of security management through the development of standards and guidelines within a voluntary, nonproprietary and consensus-based process, utilizing the knowledge, experience and expertise of ASIS membership, security professionals and the global security industry. One of those members named to the commission is Lisa DuBrock, CPA, Managing Partner, Radian Compliance, LLC, and, a contributing editor and … [Read more...]

Business Continuity Planners May Face “Frictionless Sharing” Risks from New Facebook Apps

While information security and privacy rights protection teams within organizations continue to monitor the potential privacy risks that Facebook may be presenting to their employees, a new announcement was made today indicating that Facebook is now adding over 60+ new applications within their auto-share technology. Click here to read a Facebook company blog covering this news as released by Facebook’s director of platform Cal Sjogreen. As you will read, Facebook users can now immediately begin adding these new apps to their timelines. As Sjogreen states, “…the apps are all set up to … [Read more...]

E-Discovery No Stranger on Campus

In response to a few recent inquiries and comments from readers working in the educational field, and, in particular for those readers working in a university campus information security department, who requested that more discussions and information be presented on the topic of e-discovery relevant to a university campus environment, our staff would like to present a listing of recent postings and articles addressing this growing dynamic within the “discovery” process itself. Dian Schaffhauser, a writer who covers technology and business related topics for a number of various publications, … [Read more...]

Information Security Lesson from Recent Zappos Breach Incident

In the event that anyone on your organization’s information security team becomes complacent about the need to be ever diligent about maintenance and updating of information security levels in your organization --- a privacy breach incident recently announced at should be adequate reminder that risk mitigation in this area is a 24/7 ongoing area of responsibility. Zappos CEO Tony Hsieh had to recently notify customers by email stating that the Zappos web marketplace system location that houses customer privacy centric information was compromised --- asking them to create a new … [Read more...]

Hacker “Yama Tough” Threatens Release of Source Code for Norton’s Antivirus Software

For our readers who utilize Norton’s Antivirus software applications as part of their organization’s information security plans, be aware of a story recently released on the Reuters’ news related website announcing that “Hackers are to release full Norton Antivirus code on Tuesday”. It appears that a hacker who goes by the name of “Yama Tough” is threatening to release the full source code for Symantec Corp’s flagship Norton Antivirus software. Click here to read more about this developing story as reported by Frank Jack Daniel. If applicable, please pass this information along to … [Read more...]

Emergency Responder Knowledge Base Website Resource Available Online 24/7

The concept now well known as “Information Sharing” had its early adoption during the implementation, in October 2003, of “Project Responder”. This original project was jointly sponsored by the Oklahoma City Memorial Institute for the Prevention of Terrorism (MIPT) and the U.S. Department of Homeland Security (DHS), and, was meant to assist emergency and first responder teams. The project later evolved again – into the development and now widespread use of the Responder Knowledge Base (RKB) website ( The Responder Knowledge Base website is funded by DHS's Federal Emergency … [Read more...]