VISA had a presentation last week online to discuss this very question “PCI DSS Validation Process” We will get into the list shortly… First let’s discuss why one needs a validation process. PCI stands for Payment Card Industry and in fact the PCI standards organization is composed of Visa, Mastercard, Discover, American Express and JCB(Japan … Read more
Outsourcing is good, since we cannot specialize in everything we can focus on sales or inventory instead of mundane tasks. So what is important and what is mundane? That depends on your business… most businesses are not a software company, so obtaining software needs by outsourcing may be smart. Then the question is should you … Read more
Does the definition of unknown make measuring risk also unknown? Let’s assume a cloud account has been created on Amazon Cloud(AWS – Amazon Web Services) or elsewhere (Rackspace, Azure, or Google cloud) This cloud account will always be the Achilles heel of your Internet presence. I.e. if someone gets a hold of he main account … Read more
An interesting video from RSA Conference 2018: “There’s no such Thing as a Cyber-risk” So if you look at possible risk domains Computer Security (or Cybersecurity is not on there. Operations: errors – fraud – talent – employee engagement – safety Service Availability: capacity, resiliency, data integrity, intentional disruption Product delivery: pre-executions – release executions … Read more
Do you want to use the Internet? Computers? Tablets? Cellphones? There is no device created that is 100% secure with no risk. So now what? Risk management – is what we are supposed to do, where the risk of using something is lower than the value of using it. For example: using a computer for … Read more
