Skip to main content

Privacy Policy

Privacy Policy for InfoSec Made Easy

Last Updated: January 1, 2026

At InfoSec Made Easy, accessible from https://www.infosecmadeeasy.com, one of our main priorities is the privacy of our visitors. This Privacy Policy document explains what information is collected and recorded by InfoSec Made Easy and how we use it.

If you have additional questions or require more information about this Privacy Policy, do not hesitate to contact us at contact@infosecmadeeasy.com.

This Privacy Policy applies only to our online activities and is valid for visitors to our website with regard to the information that they shared and/or collected at InfoSec Made Easy. This policy does not apply to any information collected offline or via channels other than this website.

1. Consent

By using our website, you hereby consent to our Privacy Policy and agree to its terms. If you do not agree with this policy, please discontinue use of our website.

2. Information We Collect

The personal information that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point we ask you to provide your personal information.

If you contact us directly, we may receive additional information about you such as your name, email address, the contents of the message and/or attachments you may send us, and any other information you may choose to provide.

When you comment on our site (via Blogger's commenting system), we may collect your name, email address, and any information you choose to include in your comment. Comments are subject to Blogger's privacy practices as well as our own.

3. How We Use Your Information

We use the information we collect in various ways, including to:

  • Provide, operate, and maintain our website
  • Improve, personalize, and expand our website
  • Understand and analyze how you use our website
  • Develop new content, features, and functionality
  • Communicate with you, either directly or through one of our partners, including for customer service, to provide you with updates and other information relating to the website, and for marketing and promotional purposes
  • Send you emails (only if you have opted in)
  • Find and prevent fraud
  • Comply with applicable laws and regulations

4. Log Files

InfoSec Made Easy follows a standard procedure of using log files. These files log visitors when they visit websites. All hosting companies do this as part of their analytics services. The information collected by log files includes internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and the number of clicks. These are not linked to any personally identifiable information. The purpose of the information is for analyzing trends, administering the site, tracking users' movement on the website, and gathering demographic information.

5. Cookies and Web Beacons

Like any other website, InfoSec Made Easy uses cookies. These cookies are used to store information including visitors' preferences and the pages on the website that the visitor accessed or visited. The information is used to optimize the users' experience by customizing our web page content based on visitors' browser type and/or other information.

For more general information on cookies, please read What Are Cookies.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our website. Most web browsers allow some control of most cookies through the browser settings.

6. Advertising Partners and Third-Party Privacy Policies

InfoSec Made Easy may display advertisements served by third-party advertising companies, including Google AdSense. These third-party ad servers or ad networks use technologies like cookies, JavaScript, or web beacons in their respective advertisements and links that appear on InfoSec Made Easy. They automatically receive your IP address when this occurs. These technologies are used to measure the effectiveness of their advertising campaigns and/or to personalize the advertising content that you see on websites that you visit.

Our advertising partners include:

Note that InfoSec Made Easy has no access to or control over these cookies that are used by third-party advertisers. You should consult the respective Privacy Policies of these third-party ad servers for more detailed information on their practices, as well as for instructions about how to opt out of certain practices.

Google AdSense & the DoubleClick DART Cookie: Google uses cookies, known as DART cookies, to serve ads to visitors based upon their visit to InfoSec Made Easy and other sites on the internet. You may opt out of the use of DART cookies by visiting the Google ad and content network Privacy Policy at https://policies.google.com/technologies/ads.

InfoSec Made Easy's Privacy Policy does not apply to other advertisers or websites. We have no ability to control the activities of these third parties.

7. General Data Protection Regulation (GDPR) — Rights for EEA/UK Visitors

If you are located in the European Economic Area (EEA) or United Kingdom, you have certain data protection rights. InfoSec Made Easy aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Information.

Our legal bases for collecting and using personal information described in this Privacy Policy include:

  • Performance of a contract with you
  • Your consent to the processing
  • Our legitimate interests, where those interests do not override your fundamental rights
  • Compliance with a legal obligation

If you wish to be informed about what Personal Information we hold about you and if you want it to be removed from our systems, please contact us at contact@infosecmadeeasy.com.

Under GDPR, you have the following rights:

  • Right to Access — You have the right to request copies of your personal data.
  • Right to Rectification — You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
  • Right to Erasure — You have the right to request that we erase your personal data, under certain conditions.
  • Right to Restrict Processing — You have the right to request that we restrict the processing of your personal data, under certain conditions.
  • Right to Object to Processing — You have the right to object to our processing of your personal data, under certain conditions.
  • Right to Data Portability — You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

We will retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our policies.

8. CCPA / CPRA Privacy Rights — California Residents

Under the California Consumer Privacy Act (CCPA) and its amendment, the California Privacy Rights Act (CPRA), California consumers have specific rights regarding their personal information. If you are a California resident, you have the right to:

  • Request that a business that collects personal data disclose the categories and specific pieces of personal data collected about you
  • Request that a business delete any personal data collected about you
  • Request that a business that sells personal data does not sell your personal data
  • Not be discriminated against for exercising any of your CCPA rights

InfoSec Made Easy does not sell personal information. If you make a request, we have one month to respond. To exercise any of these rights, please contact us at contact@infosecmadeeasy.com.

9. Children's Privacy (COPPA)

Protecting the privacy of children is a priority for InfoSec Made Easy. We encourage parents and guardians to observe, participate in, and monitor their children's online activity.

InfoSec Made Easy does not knowingly collect any personally identifiable information from children under the age of 13. If you believe that your child has provided this kind of information on our website, we strongly encourage you to contact us immediately at contact@infosecmadeeasy.com and we will promptly remove such information from our records.

10. Data Security

The security of your personal information is important to us. We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

11. Third-Party Links

Our website may contain links to other websites that are not operated by us. If you click a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

12. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top of this document. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

13. Contact Us

If you have any questions about this Privacy Policy, please contact us:





Terms and Conditions for InfoSec Made Easy

Version: 2026.1  |  Effective Date: January 1, 2026

Welcome to InfoSec Made Easy. By accessing or using this website at https://www.infosecmadeeasy.com, you agree to be bound by these Terms and Conditions. Please read them carefully before using the site. If you do not agree to all of these terms, please do not use this website.

1. Acceptance of Terms

By accessing and using InfoSec Made Easy, you accept and agree to be bound by these Terms and Conditions and our Privacy Policy. These terms apply to all visitors, users, and others who access or use the website.

2. Intellectual Property

All content published on InfoSec Made Easy — including but not limited to text, graphics, images, articles, and other material — is the intellectual property of Brian Weidner / InfoSec Made Easy and is protected by applicable copyright and intellectual property laws. You may not reproduce, distribute, modify, create derivative works of, publicly display, or in any way exploit any of the content on this website without our prior written permission, except as permitted by fair use or other applicable law.

You may share links to our content and quote brief excerpts for commentary, criticism, or educational purposes, provided proper attribution is given and a link back to the original content is included.

3. User Comments

Visitors may post comments on articles subject to the following conditions. By posting a comment, you represent that:

  • You are entitled to post the comment and have the right to do so
  • The comment does not infringe any third-party intellectual property, privacy, or other rights
  • The comment does not contain defamatory, offensive, indecent, or otherwise unlawful material
  • The comment will not be used to solicit or promote business or commercial activities

InfoSec Made Easy reserves the right to remove any comment at its sole discretion and without notice.

4. Disclaimer of Warranties

The content on InfoSec Made Easy is provided for general informational and educational purposes only. It does not constitute professional legal, financial, technical, or security advice. While we make every effort to keep information accurate and up to date, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability, or availability with respect to the website or the information, products, services, or related content contained on the website.

Any reliance you place on such information is therefore strictly at your own risk.

5. Limitation of Liability

In no event shall InfoSec Made Easy, its authors, contributors, or operators be liable for any indirect, incidental, special, consequential, or punitive damages, including without limitation any loss of profits, data, use, goodwill, or other intangible losses, resulting from your access to or use of (or inability to access or use) the website or any content thereon.

6. Third-Party Advertising

InfoSec Made Easy participates in Google AdSense and may participate in other third-party advertising programs. These programs use cookies to serve ads based on your prior visits to this and other websites. You may opt out of personalized advertising by visiting Google Ads Settings or AboutAds.info.

InfoSec Made Easy is not responsible for the content of external advertisements or the practices of third-party advertisers.

7. Affiliate Disclosure

From time to time, InfoSec Made Easy may include affiliate links in its content. If you click an affiliate link and make a purchase, we may receive a small commission at no additional cost to you. We only recommend products and services we believe add genuine value to our readers. Affiliate relationships do not influence editorial content.

8. External Links

This website may contain links to external websites that are not provided or maintained by InfoSec Made Easy. We do not guarantee the accuracy, relevance, timeliness, or completeness of any information on these external websites. The inclusion of any link does not imply endorsement by InfoSec Made Easy of the site or any association with its operators.

9. Changes to These Terms

We reserve the right to revise these Terms and Conditions at any time without notice. By continuing to use this website after any revisions become effective, you agree to be bound by the revised terms. Please check this page periodically for updates.

10. Governing Law

These Terms and Conditions are governed by and construed in accordance with the laws of the United States. Any disputes arising under or in connection with these Terms shall be subject to the exclusive jurisdiction of the courts located within the United States.

11. Contact Us

If you have any questions about these Terms and Conditions, please contact us:

Popular posts from this blog

CISO Brief: February 11, 2026 – Critical Vulnerabilities, Nation-State Threats, and Ransomware Developments

Staying ahead of emerging threats is essential for enterprise resilience. This week brings a mix of critical vulnerabilities, advanced ransomware, and sophisticated nation-state activity. CISOs should prioritize patching, review detection capabilities, and prepare executive responses to evolving risks. Below are the top items requiring immediate attention, notable developments, and a concise action checklist. Top Items CISOs Should Care About (Priority) Microsoft Patches 59 Vulnerabilities Including Six Actively Exploited Zero-Days What happened: Microsoft released patches for 59 vulnerabilities, including six zero-days currently being exploited in the wild. Why it matters: Unpatched systems are at high risk of compromise and regulatory scrutiny. What to verify internally: All Microsoft systems are patched promptly, especially endpoints and servers. Vulnerability management processes are up to date and effective. Critical assets are prioritiz...
Read more

Generative AI Governance: Using the NIST Framework to Build Trust, Reduce Risk, and Lead Secure AI Adoption

Generative AI has moved faster than nearly any technology security leaders have dealt with. Tools that can generate text, code, images, and data insights are now embedded into productivity platforms, security tooling, development workflows, and business operations—often before security teams are formally involved. For CISOs, this creates a familiar but amplified challenge: innovation is happening faster than governance, and unmanaged generative AI introduces material risk across confidentiality, integrity, availability, compliance, and trust. For aspiring information security professionals, AI governance represents a growing and valuable discipline where strategic thinking matters just as much as technical depth. The good news? We don’t need to invent governance from scratch. NIST’s AI Risk Management Framework (AI RMF) provides a practical, flexible structure that security leaders can use today to govern generative AI responsibly and defensibly. Why Generative AI Governance Matt...
Read more