Re-post: Your Employee Is an Online Celebrity. Now What Do You Do?

Mixing social media and on-the-job duties can be a win-win. Or not. I wanted to share an excellent article concerning an emerging issue in the workplace concerning employees with strong personal brands and potential conflicts with corporate needs and expectations. The original article is here: Personally, I considered it an excellent thought-provoking article! It points… Read More

Information Security By the Numbers

The Security Trifecta is a comprehensive and innovative approach to holistic security, risk, governance and privacy coverage for the enterprise. Because the methodology is universally applicable and ultimately sustainable, it has become the perfect model for any size organization regardless of business concentration. In fact, the more critical, the more regulated, the more sensitive the… Read More

Possible Implications of FCRA Actions?

On August 8, 2012, the Federal Trade Commission settled with HireRight Solutions, Inc. (“HireRight”) for failure to comply with certain Fair Credit Reporting Act (“FCRA”) requirements. According to the FTC’s complaint, HireRight provides background reports on current and prospective employees to thousands of employers. These background reports contain public record information, including criminal histories. Employers… Read More


I’m excited to announce that the Holistic Operational Readiness Security Evaluation (HORSE) project wiki has surpassed the 1 million mark in page views by subscribers like you. If you don’t know what the HORSE Project is, browse on over to the site and see why it is one of the best, freely available authorities in… Read More

The Death of Privacy?

Today, I propose we declare the death of privacy. In our technically advancing world, our personal privacy expectations must be reconsidered, re-conceived and redefined. We all expose ourselves through swipes, transactions, likes and tweets. Through handsets, television sets and mindsets, we voluntarily add our behavioral attributes to the associated handlers of our digital DNA almost… Read More

New PCI Data Security Standards for Cloud Compliance

The PCI Security Standards Council’s Virtualization Special Interest Group recently published its “Information Supplement: PCI DSS Virtualization Guidelines” (the “Guidelines”) to Version 2.0 of the PCI Data Security Standard (“PCI DSS”). The Guidelines provide context for the application of the PCI DSS to cloud and other virtual environments, and offer at least three critical reminders:

National Office for Cyberspace and H.R. 4900

A funny thing happened along the way while I was busy revising and adding content to the HORSE Wiki. My focus last week was primarily on Federal guidance such as NIST special publications and FISMA guidelines. Well apparently there are more folks tuned into that station it turns out when a very close government colleague… Read More

HORSE Project Wiki is now on

The Holistic Operational Readiness Security Evaluation, also known as the HORSE Project, is now on The original wiki is now over four years in production and continues to be a great resource. Participants benefit from potentially earning CPE credits when they write original page plus contributions to the wiki. It also looks great on… Read More

A horse by any other name ….

If I were to be asked by anyone which volunteer activity I am most proud of, it would be my brain-child pet project known globally as the HORSE Project. The Holistic Operational Readiness Security Evaluation (HORSE) project has been a four year commitment to the education, enlightenment, collaboration, knowledge sharing, and awareness of the global… Read More

Crown Jewels and Encryption Opportunities

As long as there is a need to accept, transmit and store personal and financial information, organized criminals and other self-righteous entities will attempt to breach the caretaker’s enterprise to obtain this information. Mastering the art and science of information security is an elusive quest. Few will ever achieve their goal. Few will ever reach… Read More