Security: Fail-to-Plan Plan-to-Fail
Yes I am sure you heard the saying: If you fail to plan, Plan to fail How does one plan for as secure as possible while also meeting business objectives?…
Oct: Swipe&Sign + Breach = Merchant Liable Not CC companies
The Cybersecurity field knows this has been in the works for a year now, and in 5 months it will happen. Chip in a Credit card The US will catch…
How much Security is enough?
Tim Wilson at DarkReading is discussing a little on how to discuss security issues, goals, and concerns. Of course his message is a basic and simple one how much should…
Where does PCI Compliance Fail?
Put another way if everyone keeps saying being PCI compliant does not mean being secure, where exactly does this occur – the failure of PCI compliance? One major difference is…
Risk Management Framework
If you had to start over how would you do it? The NIST (National Institute Science Technology) document is a good place to start http://csrc.nist.gov/publications/nistpubs/800-37-rev1/sp800-37-rev1-final.pdf Publication 800-37 Guide for Applying…