A consultant colleague recently reached out with some questions on how to craft a good organizational information security policy. I’ve got experience with this, as a graduate-level legal instructor, ...

The purpose of this policy is to provide a security framework that will ensure the protection of University Information from Unauthorized Access, loss, or damage while supporting the open ...

An information security framework, when done properly, will allow any security leader to more intelligently manage their organization's cyber risk. The framework consists of a number of documents that ...

The University at Buffalo Information Security Office maintains an Information Security Incident Response Plan providing a framework which ensures information security incidents are managed ...

Data serves as the lifeblood of most businesses today, and safeguarding its security is imperative. I believe this commitment is not merely an obligation to uphold ethical and legal standards; it also ...

The FBI is in the midst of a major rewrite of the security policy that sets minimum criteria for how its criminal justice information is protected. With the revamp, the bureau is aiming to make sure ...

A week rarely goes by without a major data security breach. Recent news includes a breach impacting an energy company’s 8 million customers, another compromising the information on 450,000 current and ...

Back in 2006, British mathematician Clive Humby stated that data was the new oil. Like oil, data isn’t useful in its raw state and must be refined, processed, and distributed to deliver value. Nearly ...

The purpose of this policy is to establish the minimum requirements for an information security awareness and training program at W&M. This policy applies to all William & Mary faculty and staff ...