Information security is the process of protecting information, whatever form that information takes. We store and communicate information in many ways and forms, and information security is about protecting it. The need for information security has existed for millennia, and there is a well established profession devoted to it. Cybersecurity is a newer and indispensable subset of information security, focused on protecting information assets in digital form. Organizations should build comprehensive and holistic information security programs, which will encompass cybersecurity.

This brief and introductory article is designed to get you started on this concept, and additional resources are provided below.

…

This is an outline (with some factual nuggets) and not really an article. I use this to teach non-lawyers basic principles of law, within various courses at the undergraduate and graduate level. I thought it would be helpful for students and others to have online.

For more detail, see Chapter 5, “Fundamental Principles of Criminal and Civil Law” in my book, “Cybercrime Investigations: A Comprehensive Resource for Everyone”.

1. Introduction

There are two sayings to think about regarding the law and lawyers.

Consider what they might mean, including alternate interpretations.

1. The law is an ass.

2. The first thing…

Here’s a quick primer on the First Amendment of the United States Constitution, what it means for free speech, and how it applies to social media and other platforms for speech. Misconceptions abound since law can be confusing and because some actively disseminate false information. This short piece lays out the basics.

The United States Constitution is the foundation of all laws in this country. It establishes our system of government and puts limits upon what government can do. It created a system of checks and balances by establishing three branches of government — executive, legislative, and judicial. Our federal…

A data breach is the unlawful access of an organization’s or person’s data. Such breaches can have considerable consequences of a financial, legal, and reputational nature. Data breach is one of the three top threats that organizations and individuals should be aware of and protect against (the others are email based funds transfer frauds and ransomware).

Certain cybercriminals devote their efforts to committing data breaches. Data breaches are serious crimes under federal law and the law of every state. Indeed, even an unsuccessful attempt to commit a data breach is a crime. But when these cybercriminals are successful, the stolen…

Today, we face a diverse array of threats to our information gathering and decision making. External forces try to influence our opinions and actions, sometimes dishonestly and maliciously. Government can do better exercising its authority against some of these threats, but we have individual responsibilities too. We need to become better consumers and voters and improve our resistance to marketing, propaganda, and disinformation.

Billions of dollars are spent on digital advertising and to learn about internet users like you. The goal is to target, serve ads, and influence. Each online view of a digital ad and each click on a…

Recent articles and advisories from every state government and the federal government have warned about seeds coming from China. There has been speculation that these could be part of a nefarious foreign plot to introduce invasive plant species into the United States as a form of agricultural warfare. Another theory (which seems more credible) is this is part of a “brushing scam” to improve an online seller’s reputation.

Whatever the speculation about these seeds, this is an opportunity to learn an important fact. Many invasive plant species are already in the country, have been for decades, and are doing extensive…

Here are some thoughts about managing technology at home during the Coronavirus crisis. Technology can be frustrating and challenging during normal times, and now we need to look for ways to try make things easier, more secure, and improve your knowledge and skills. Technology is an essential asset, especially now that so many are working and going to school from home.

Cybersecurity in context

We can aid ourselves in this crisis by following two main premises of my first book, Cybersecurity for the Home and Office. First, cybersecurity begins in the home, because home is where we need to secure our family, teach…

This short article introduces good governance principles for organizations with a focus on internal rules and documentation. These principles apply across all areas of an organization, but especially to information governance, how organizations manage information assets and the important areas of cybersecurity and privacy.

Governance is the process of how organizations manage themselves. No organization is the same, with variations in mission, size, decision making and implementation, history, people, “culture”, and more. Needless to say, there is wide variety on how organizations document their rules, and how they follow them.

Internal rules: What they are and document types

Consider what an internal rule might be. It could be…