I pen this mini-tome on “GDPR Enforcement Day”. The spirit of GDPR is great, but it’s just going to be another Potemkin village in most organizations, much like PCI or SOX. For now, the only thing GDPR has done is made GDPR consulting companies rich, increased the use of JavaScript on web sites so they… Continue reading
Post Category → Compliance
Alternative to Grouped Bar Charts in R
The #spiffy @dseverski gave me this posit the other day: “Hey, @hrbrmstr, doughnut chart aside, how would you approach the first graph at http://t.co/zjHoHRVOeo? Bump chart? Trend line? Leave as is?” — David F. Severski (@dseverski), October 25, 2013. And I obliged shortly thereafter, but figured I’d toss a post up on the blog before… Continue reading
Security & Privacy Of Mountain Lion’s Dictation Feature
With Gizmodo doing a post hyping Mountain Lion’s new dictation feature it’s probably a good time to note that folks in regulated environments or who just care about security & privacy a bit more than others should not enable or use this feature for the dictation of sensitive information. From Apple’s own warning on the… Continue reading
Crossroad of ERM and the Parallels to IRM
(Had to modify the latimes URL in the post due to a notice from Wordfence/Google.) I was reviewing the – er – highlights? – from the ninth ERM Symposium in Chicago over at Riskviews this morning and was intrigued by some of the parallels to the current situation in enterprise security risk management (the ERM… Continue reading
Behind The Mask : Supporting The New CIO Personas
This morning, @joshcorman linked to an article in the Harvard Business Review “The Conversation” blog that put forth the author’s view of The Four Personas of the Next-Generation CIO. The term persona is very Jungian and literally refers to “masks worn by a mime”. According to Jung, the persona “enables an individual to interrelate with… Continue reading