Brandeis University

Written Information Security Policy (WISP)

The objective of Brandeis University (“University”) in the development and implementation of this comprehensive written information security policy (“WISP”) is to create effective administrative, ...
University of Dayton

Information Security Policy

The purpose of this policy is to provide a security framework that will ensure the protection of University Information from Unauthorized Access, loss, or damage while supporting the open ...
No Jitter

How to Draft a Useful Data Security Policy

A consultant colleague recently reached out with some questions on how to craft a good organizational information security policy. I’ve got experience with this, as a graduate-level legal instructor, ...
Medicine Buffalo

Information Security Incident Response Policy

The University at Buffalo Information Security Office maintains an Information Security Incident Response Plan providing a framework which ensures information security incidents are managed ...
Government Technology

FBI Revamps Criminal Justice Data Security Policy

The FBI is in the midst of a major rewrite of the security policy that sets minimum criteria for how its criminal justice information is protected. With the revamp, the bureau is aiming to make sure ...
CSOonline

Five Ways to Turn Employees into Security Assets for Protecting Data

Never before has the threat to corporate data assets been so great—and so costly. According to Attrition.org, an industry monitoring organization, in 2007, more than 162 million records such as credit ...
CSO Online

How CISOs should utilize data security posture management to inform risk

CISOs can take a step toward a “risk-first” mindset by adjusting their use of these tools from exception handling to risk ...