plan, protect, prosper

Prevention or Mitigation: Which do you prefer?

Christine L. Peterson, CPP, ISP Clery Act, Compliance, Corporate Compliance, News, SaVE Act, VAWA

The first role of any organization’s leadership is the protection of the organization. How leaders accomplish this and the traits that make great leaders successful is better left to industry experts and leadership coaches. In higher education, reputation is an institution’s greatest asset. Reputation attracts the talent (students, faculty/staff, business collaboration, and academic and non-academic recruitment) and resources (research, innovation, …

circuitboard with keys

Is Your Customer Data Your Greatest Asset or Your Greatest Liability (or Both)?

Protus3 Compliance, Computer Forensics, Corporate Compliance, Electronic Data Recovery, Intellectual Property

This article was originally published by Matthew A. Cordell at Ward and Smith, P.A. Customer data can be a treasure trove for an organization. Many businesses believe customer and prospect data to be their most valuable asset. Unfortunately, some have discovered that, unless handled with care, it can also be their greatest liability. Organizations of all kinds collect, store, analyze, …

High Stakes Cyber article

Private Companies Can be Liable for Failing to Maintain Adequate Cyber Security

Christine L. Peterson, CPP, ISP Compliance, Corporate Compliance, Intellectual Property, News, Security Policy and Procedure Development

How much customer data do you have? Is it secure? You should read High Stakes Cyber as published in Security Management. In brief, the FTC can hold companies liable for failing to maintain adequate cybersecurity, even though the commission has not defined minimum cybersecurity standards through rules or regulations. Even in this case, the court did not articulate a minimum …

Policy and Procedure Flow Chart

A Company Model for Developing Policies and Procedures

Christine L. Peterson, CPP, ISP Compliance, Corporate Compliance, Security Policy and Procedure Development, Security Program Development

While attending the NCMS Carolinas Chapter meeting at Cisco Systems recently, I saw a presentation by Mark Whitteker, MSIA, CISSP, ISP. Mark comes out of the IT security world, so most of his presentation focused on IT security. He also presented a segment on Building a Comprehensive Security Architecture Framework that might benefit all of us. What Mark shared with …

locked computer

Data Security: Where There Is Data, There Should Be Policy

Russell W. Gilmore, CISSP, CISM, EnCE Business Continuity Planning, Compliance, Computer Forensics, Corporate Compliance, Crisis Management Planning, Electronic Data Recovery, Security Policy and Procedure Development, Security Program Development

The recent report by the Wall Street Journal about the Morgan Stanley breach scares me as an employee. Reportedly Galen Marsh, a financial adviser for Morgan Stanley, was fired for allegedly stealing account information from about 350,000 wealth management clients and posting some of it online. The part that concerns me are the reports that federal law enforcement officials are …

sick person

Avoiding Pandemic Paranoia

Billy Gordon Green, Jr. M.Ed., CPP, CHS Business Continuity Planning, Compliance, Corporate Compliance, Crisis Management Planning, Security Planning, Security Policy and Procedure Development, Security Program Development, Training

Twice during the past decade and a half, the specter of pandemic has been a cause for prudent worry in the public health sector, among business continuity planners, and certainly within the security community. Security professionals would not be tasked with reducing the impact upon the public or generally with providing for the continuity of operation for a large corporation, …

Christine Peterson

Chris Peterson Guest Speaker on WCOM 103.5

Protus3 Compliance, Corporate Compliance, Embezzlement, Fraud, News, Security Planning, Security Policy and Procedure Development, Security Program Development, Theft, Theft, Embezzlement, and Fraud

On Tuesday, April 1, 2014, Chris Peterson was the guest speaker on the program “Focus on Business” hosted by Lea Strickland which aired on radio station WCOM 103.5. “Focus on Business” provides insights, information and perspective on building strong businesses, sustainable businesses that build sustainable communities. Guests include area business leaders, experts and professionals who share their experience. If you …

Jeanne Clery

The Clery Act – Costs of Noncompliance

Christine L. Peterson, CPP, ISP Civil Rights, Clery Act, Compliance, Corporate Compliance, Ethics, Security Survey

The Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act, 20 U.S.C. § 1092(f)(2011), is a federal statute requiring colleges and universities participating in federal financial aid programs to maintain and disclose campus crime statistics and security information. The U.S. Department of Education conducts reviews to evaluate an institution’s compliance with Clery Act requirements. A review may …

power shift button

Held Hostage by a Dishonest Employee

Russell W. Gilmore, CISSP, CISM, EnCE Compliance, Computer Forensics, Corporate Compliance, Security Policy and Procedure Development, Security Program Development, Theft, Theft, Embezzlement, and Fraud

I recently was involved in a case in which a company employee was discovered using a company credit card for personal reasons. This happens occasionally, and one would think that immediately terminating the dishonest employee would resolve the issue. But what happens when the employee is the one and only IT person for the company? Many companies have only one person …