Author Archives: David Lineman
The Shared Password Strikes Again!
One of the most intriguing cyber-security stories ever is the recent hack and public smearing [...]
Security Policies to Address Internal Threat
We hear reports of new data breaches almost daily. While most of them are fairly [...]
Security Policies to implement the DSD Top 35
In July 2011, the Australian Defence Signals Directorate (DSD) published an updated list of their [...]
Does my organization need information security policies?
In general, every business should have some number of information security policies. For example, any [...]
Aren’t information security policies only for large organizations?
Regardless of an organization’s size, industry, geographical location, or the extent to which it uses [...]
Who should develop information security policies?
Ideally, information security policies should be developed by a small team. While there are no [...]
How do we develop information security policies?
There are many excellent references with detailed instructions on how to develop information security policies. [...]
How often should we update information security policies?
A good rule of thumb is this: Information security policy documents should be updated at [...]
What is the difference between security policies, standards and procedures?
Sometimes the nomenclature used to define information security policies and related documentation can be confusing. [...]
Who should read information security policies?
Security policies are generalized requirements that must be written down and communicated to certain groups [...]