PCI compliance -Security Weakpoints

The criminal hacker is out to get you – The auditors want you to have your paperwork in place. What is the real weak point that we need to focus on? http://www.scmagazine.com/compliance-with-requirement-11-in-pci-dss-drops/article/403249/ Security magazine discussed requirement 11 which is the test and validating all wireless access points. One must validate the wireless access point survey … Read more

Value of a Hacked Website

http://blog.sucuri.net/   has an interesting post about “The Impacts of a Hacked Website” This is a good line:   “We are learning the hard way, what large organizations already learned – being online is a responsibility and will eventually cost you something.” I now know that it was the Yoast  Google Analytics plug-in that caused … Read more

PCI Compliance is not Computer Security

PCI compliance has the basic settings for computer security but it will not ensure your corporation will be secure. For that to happen you must have personnel that implement security policies correctly, and it must be ingrained in all employees, as the weakest link is in our employee actions day after day.  It is difficult … Read more

Why Risk Management Model Failed Us

  Why has Risk Management  failed us? Every place you see “Accept risks” replace with Hacked computers.  JP Morgan proved this concept even with a seeming unlimited security and IT budget, some mistakes creep into the organization. 76 million accounts affected Every box with monitor and manage risks replace with Computer hacked from the internal … Read more

Security People are Scaremongerers

Here is yet another article pleading you to do something: http://www.darkreading.com/risk/6-ways-the-sony-hack-changes-everything-/a/d-id/1319415 The article paints a dark picture. The Sony hack was unique in that the hackers actually deleted files, caused employees to not be able to work at the office for a little while, although nothing appreciable happened at the Sony stock price.   What … Read more