by Jay Heiser | March 20, 2013 | 1 Comment
It would be the rare soul indeed, who, after spending hours or even days cleaning up from a hack, didn’t feel the strong red rage of revengeful urges. And how many PC owners or site managers, still recovering lost data, time, and pride, if presented an opportunity to strike back at their attacker, to make [...]
Category: Policy risk management security Tags: hack back, hackback, hacking, law, retaliation
by Jay Heiser | June 20, 2012 | Comments Off
It is only Wednesday, and already I’ve reviewed at least 3 different policies that require employees to obey applicable laws. This is not just self-evident—its a professional cop-out. Somebody doesn’t need to spend years at a prestigious law school and then suffer through an 80-hour a week apprenticeship at a major law firm to provide [...]
Comments Off
Category: IT Governance Policy risk management Tags: law, lawyers, policy, regulatory compliance
by Jay Heiser | June 19, 2012 | Comments Off
Its not that I am categorically against the idea of law, but I am convinced that your typical corporate counsel is more motivated by personal convenience than by a sense of organizational proportion. I recognize why virtually every organizational IT policy has the requirement “you must obey the law”, but I question the utility of [...]
Comments Off
Category: Policy risk management Tags: law, legalism, policy
by Jay Heiser | December 14, 2011 | Comments Off
Even worse is a policy statement such as “all employees must obey all applicable laws.” What reasonable person would disagree with that requirement? For a start, I would.
Comments Off
Category: IT Governance risk management security Tags: law, policy, security
