David Sheidlower

CISO

Turner Construction

David Sheidlower, CISSP, CISM is the Chief Information Security Officer for Turner Construction, one of the largest construction management companies in the United States. Previously he was CISO at BBDO, the world's most awarded advertising agency. Previousy he was (CISO) for Health Quest, the Mid-Hudson Valley's largest healthcare system. David also serves as a member of the State of New York Health Information Network Policy Committee. Prior to Health Quest, he was the Division Information Security Officer within the small business lending division of Wells Fargo Bank—the largest small business lender in the country. David writes and blogs on security with a focus on the intersection of cyber security and humanism, something he is uniquely qualified to write on. His past activities include presenting at the MIS Institute’s Big Data Security Conference, working with the World Health Organization on Functional Health Status Measures and teaching letterpress printing at the Naropa Institute’s Jack Kerouac School for Disembodied Poetics in Boulder, Colorado. David also blogs at www.cybersecrighthere.com . He holds a Bachelor’s degree from the University of California, Berkeley and a Master’s degree in Health Service Administration from St. Mary’s College of California.


For Whom the Bell Curve Tolls

Posted on: 02 Dec 2014

People prefer to choose the groups they are in.  Even before social media exploited that, there were fan clubs, fraternities, sororities, and many different kinds of groups that people associated themselves with. There are also the groups that people don’t choose but through birth, prejudice, unforeseen circumstances and/or unwanted diagnoses, they find themselves in nonetheless. …

Anti-Viral

Posted on: 13 Oct 2014

Aggregating is the inverse of broadcasting.   What complicates this is that many technologies are now used for both.  Cell phones are the best example.  They are a device originally designed for communication. Their original purpose was  for transmitting information between individuals and they have evolved into one that can broadcast that information via social media. …

The Point Beside the Point

Posted on: 15 Sep 2014

If we live in a data-centric world, it is still true that data are more immediate for some than for others.  To use one individual as an example: by the fifth grade, Ben was an excellent data analyst.  His life depended on it. Ben went to grade school with my younger son and Ben has…

Big Data And Us Little People

Posted on: 25 Aug 2014

The last series I wrote for securitycurrent dealt with principles of data security and privacy. Many authorities charged with enforcing data protection accept the principles. They are based on the idea that the actors in data transactions ( i.e., subjects, collectors, disclosers, users and regulators) all have a role to play in creating and maintaining the world…

Security, Where Myths Should Go to Die

Posted on: 13 Mar 2014

There are tellers of tales and debunkers of myths. An organization needs both. An example: the March of Dimes needed people to have the vision of eradicating Polio.  Its very transition from being called the National Foundation for Infantile Paralysis to becoming the popularly known March of Dimes needed the contributions of folks who could…

Not Like the Others

Posted on: 12 Feb 2014

(This is the sixth installment in an on-going examination of the first principles of data privacy and security. The first installment can be read here. The second installment can be read here. The third installment can be read here. The fourth installment can be read here. The fifth installment can be read here. These principles, often represented in regulations and privacy…

Being Data – The Principle of Participation

Posted on: 11 Jan 2014

(This is the fifth installment in an on-going examination of the first principles of data privacy and security. The first installment can be read here. The second installment can be read here. The third installment can be read here. The fourth installment can be read here. These principles, often represented in regulations and privacy practices, form the foundation for…

Consent: The Part of ‘Yes’ that We Don’t Necessarily Understand

Posted on: 21 Dec 2013

(This is the fourth installment in an on-going examination of the first principles of data privacy and security. The first installment can be read here. The second installment can be read here. The third installment can be read here. These principles, often represented in regulations and privacy practices, form the foundation for how an organization should treat the…

I am Not a Number, I am a Bunch of Numbers

Posted on: 25 Nov 2013

(This is the third installment in an on-going examination of the first principles of data privacy and security. The first installment can be read here. The second installment can be read here. These principles, often represented in regulations and privacy practices, form the foundation for how an organization should treat the customer data they collect.) We’ve both been…

Privacy Policies: Would You Give Customer Data to the Government?

Posted on: 03 Nov 2013

(This is the second installment in an on-going examination of the first principles of data privacy and security. The first installment can be read here. These principles, often represented in regulations and privacy practices, form the foundation for how an organization should treat the customer data they collect.) Imagine you belong to one of the largest,…