In the spirit of the upcoming Halloween season, I thought it a fine time to examine what happens to our digital lives after death. Few of us really consider our digital remains but I’d encourage you to do so for many reasons. Like our physical bodies, our electronic personifications serve no purpose to us once… Read More
Privacy Concerns: Survey Says!
A recent survey by the Pew Research Center found that the majority of mobile phone users have uninstalled or avoided apps due to privacy concerns. According to the report: 54% of mobile users have decided to not install an app after discovering the amount of information it collects; 30% of mobile users uninstalled an app… Read More
Possible Implications of FCRA Actions?
On August 8, 2012, the Federal Trade Commission settled with HireRight Solutions, Inc. (“HireRight”) for failure to comply with certain Fair Credit Reporting Act (“FCRA”) requirements. According to the FTC’s complaint, HireRight provides background reports on current and prospective employees to thousands of employers. These background reports contain public record information, including criminal histories. Employers… Read More
What You Say Can And Will Be Used Against You In A …
Have you ever wondered what happens to all those queries given to SIRI or IRIS on your smartphones? Millions of people should be concerned and so should public and private sector organizations. For those of you who are not up to speed on what SIRI or IRIS is, I’ll explain. Basically, they are two applications… Read More
Cops: Pastor Hid Cameras In Church Bathroom | The Smoking Gun
“You never know when you are auditioning!” You have heard me say it before. I’ve written about it in my book “Securing the C Level” and here in my blog. I’ve discussed it at conferences and in presentations. But this represents the extreme end of that recommendation I had never included for consideration. Cops: Pastor… Read More
My comments about Virtuport and MENA ISC 2012.
Several exceptional facets of MENA ISC 2012 became quite apparent to me during my attendance and participation in the Middle East North Africa Information Security Conference. First, what a truly impressive assembly of international security experts and delegates. People attending were engaged, inquisitive, and very collaborative which is a vital component in mastering the global… Read More
Consumer Reality Check – Lifting the Veil on PCI DSS
I read an article entitled “Global Payments has some explaining to do” (Source: CSO) today and there were some interesting points made by Bill Brenner, managing editor of CSO. He asked specifically, “How on Earth were they designated PCI compliant in the first place? What were the specific actions they took to improve security and… Read More
Usage Terms
MichaelPeters.org – Your Personal CXO and its affiliates (“MichaelPeters.org – Your Personal CXO” or “we”) provides its content on MichaelPeters.org (the “Site”) subject to the following terms and conditions (the “Terms”). We may periodically change the Terms, so please check back from time to time. These Terms were last updated on March 31, 2012. By… Read More
Failure to Communicate: Pending US Congressional Orwellian Bills Threaten the Internet
In the spirit of the holiday season, three wise men, actually law professors, following an analysis, are warning that the proposed intellectual property PROTECT IP (Source: PROTECT IP) and the Stop Online Piracy Act (SOPA) (Source: SOPA) legislation, currently working their way through Congress, will damage the world’s DNS system, cripple attempts to get better… Read More
Juris Doctor 161 of 161: perfectum, terminée, terminado, finito, finished!
Today is a great day. Those sequential steps, one in front of the other, that have led me to fruition. It is a funny sensation, but not unfamiliar to me, when you complete your mission, or challenge, or extended period of time devoted to anything that, when it is complete, we have a quiet sense… Read More
Reputations
“Say it with roses, say it with mink, say it forever, then say it with hyper-link.” – Michael D. Peters
Juris Doctor 159 of 161: Not an Oncoming Train!
That light at the end of the tunnel I see is not an oncoming train, but the culmination of literally years’ worth of hard academic work. I’ve fantasized a bit on what my postdoctoral program would be like and what lifestyle changes I would need to adjust for. For the first time in my… Read More
Shot Down in Flames! – That ROI for security or litigation is in jeopardy.
The Return on Investment, aka ROI, is an essential financial measurement for any business venture and one that must be positive, or at least neutral, in order to demonstrate the viability of the proposition being examined. There are certain essential business functions, however, that do not provide a return on your investment; and two… Read More
Would you buy a car without seat belts?
Recent headlines said, “Network ransacked in huge brute-force attack” (Source: The Register) and “Hackers break SSL encryption used by millions of sites” (Source: Huffington Post) among many other security and privacy stories that fill the news outlets every time I look and listen. The problem is not some new phenomenon, but one that continues to… Read More
The Death of Privacy?
Today, I propose we declare the death of privacy. In our technically advancing world, our personal privacy expectations must be reconsidered, re-conceived and redefined. We all expose ourselves through swipes, transactions, likes and tweets. Through handsets, television sets and mindsets, we voluntarily add our behavioral attributes to the associated handlers of our digital DNA almost… Read More
Getting rid of getbetterlinks
I noticed site content links being introduced through my Firefox browser today. Apparently a browser extension called Betterlinks had been added by Mozilla in the latest updates. Betterlinks supplies alternative locations for content that may be in competition with your site by influencing your searching. My rhetorical question for the day is “Who gets to… Read More
FTC Proposes Significant Changes to the Online Collection of Information from Children rule
The Federal Trade Commission (“Commission”) released on September 15, 2011, its long-awaited proposed amendments to its rule implementing the Children’s Online Privacy Protection Act (“COPPA Rule”). They are accepting comments until November 28, 2011. The Commission is proposing modifications to the COPPA Rule in three key facets:
Easiest way to breach a bank? Just hold-em-mop!
On July 29, 2011, Massachusetts Attorney General Martha Coakley announced a $7,500 settlement with Belmont Savings Bank following a May 2011 data breach involving the names, Social Security numbers and account numbers of more than 13,000 Massachusetts residents. The bank has stated that it has no evidence of unauthorized access to or use of consumers’… Read More
Expanding Security Breach Notification Requirements in California
A new amendment to California’s security breach notification law will raise the stakes for businesses required to give notice of a data security breach affecting California residents. California Senate Bill 24 (“SB 24”), signed by Governor Brown on August 31, 2011, imposes detailed new requirements for the content of security breach notices. Significantly, SB 24… Read More
Geolocational Privacy and Surveillance Act – First Blush
The law does not lead, it follows. Our system is very reactive in nature. It tends to change, to no surprise of mine, as people generally do, as a direct result of negative events or influences. Smokers quit following the heart attack and our legal system creates laws based upon past events. GPS technology has been around… Read More
Juris Doctor 135-143 of 161: The Geek Shall Inherit the Universe
Cyber-espionage and Cyber-warfare pose the greatest threat to our society today. No longer are massive militarized forces with the most advanced weaponry the force to fear. The forces to be feared now are computer geeks. A single person or just a few cyber-savvy individuals working together as a team now possess the power to bring… Read More
Dropbox? More Like Dropball!
There has been a putative class action complaint filed on June 22, 2011, in the United States District Court, for the Northern District of California alleging that the popular cloud-based storage provider Dropbox, Inc. failed to secure its users’ private data or to notify the vast majority of them about a recent data breach. According… Read More
David (Michael) v. Goliath (Register.com)
I have several domain names registered. Over the years, the registrars I’ve used at times have changed and this is driven largely by competitive parking prices. A domain is very much like an automobile. You make a visit to the dealership (registrar) and purchase the vehicle of choice. You make regular payments and enjoy your… Read More
New PCI Data Security Standards for Cloud Compliance
The PCI Security Standards Council’s Virtualization Special Interest Group recently published its “Information Supplement: PCI DSS Virtualization Guidelines” (the “Guidelines”) to Version 2.0 of the PCI Data Security Standard (“PCI DSS”). The Guidelines provide context for the application of the PCI DSS to cloud and other virtual environments, and offer at least three critical reminders: