Data Privacy in the Era of COVID-19

One of the most important things for employers, schools, universities, hospitals, and public places to do during the time of a pandemic is to determine (to some degree of certainty) which individuals are infected, which are contagious, and which are symptomatic. The concept of “social distancing” is enhanced if we can know who is contagious…

Details

Update on Iowa

Yesterday, I wrote about two employees of CoalFire who were arrested for performing a physical pen test of various courthouses in Iowa. The article focused on the need to have a well-defined Statement of Work and contract. Well, guess what. The State of Iowa Judicial Branch released exactly these documents. And guess what? Page 12 of the…

Details

Part 4: Third Party Risk Management (TPRM) – A Series in Program Development

Part 4: – “Full Engagement” – Bringing Value to Partnerships This is the third of a four part series. To read part one of this report click here. This series has been designed to help CISOs and other risk management practitioners examine their programs from a unique perspective – one in which the objective problem your…

Details

Part 3: Third Party Risk Management (TPRM) – A Series in Program Development

Part 3: – “Strengthening Your Strategy” – How Do You Make the Most of Continuous Monitoring? This is the third of a four part series. To read part one of this report click here. This series has been designed to help CISOs and other risk management practitioners examine their programs from a unique perspective – one…

Details

Part 2: Third Party Risk Management (TPRM) – A Series in Program Development

Part 2: – “Knowing Your Ground” – What Conditions Create Third Party Risk? This is the second of a four part series. To read part one of this report click here. This series has been designed to help CISOs and other risk management practitioners examine their programs from a unique perspective – one in which the…

Details