Monthly Archives: April 2008

Are we ever safe?

The Register is reporting that McAfee’s “Hacker Safe” sites are not so much. In the security industry, we typically refrain from saying things are 100% secure, simply because the only 100% secure computer is the one that does not exist.

On my way to CSI-SX!

Bout to go board my jet-fueled chariot right now. If you are going, look me up on Twitter! I’m planning on taking a cab to the hotel, checking in, and seeing if any conference goings on are… going on. See you there!

Tee Hee – Eee Pee Cee

GloboTV (via Gizmodo) has a story (in Brazilian Portuguese) about some crooks that used the Eee PC to steal customers’ debit information at ATMs. Tee Hee.

Dave Taylor gets it right!

Please don’t take the title to mean that Dave doesn’t get it right often, I just wanted to laud this recent column at StoreFront BackTalk. The quote specifically that drives the nail home is:

If you’re thinking that the Hannaford security breach is a very isolated “blip” and that PCI compliance is the same as securing the enterprise against security breaches, you’d better think again. Why? It’s not uncommon for merchants to turn on security controls shortly before an audit, and turn them off afterward.

Could not have said it better myself, Dave. The two points he brings out are, 1) Compliance is not the same as security, and 2) you have to MAINTAIN what is assessed. I had a ...

Herding Cats, April 2008 is out!

If you are not a member of the ISSA, click here to go sign up! I am a monthly columnist in the ISSA Journal–the publication for the association. This month I tell you how you can learn something from the Department of Homeland Security and Ron “Tater Salad” White.

Are you going to CSI-SX?

If so, LOOK ME UP! I’m speaking on Monday afternoon at 4pm at the conference. Hope to see you there! As always, I’ll be sending tweets!

Phillip Hallam-Baker adds to the fire!

Phillip Hallam-Baker commented recently on my post about the NRF, but specifically added to the chip and pin point. Thanks Phillip!

Thanks OpenTravel Advisory Forum!

While others at VeriSign are headed to ETA, I took the opportunity to speak about PCI to the OpenTravel Advisory Forum in Atlanta today. A shout out to an excellent group of individuals that are in one of the more difficult industries with respect to PCI (the other being Fuel Dispensing). Thanks for the hospitality!

Last Call @ the Expo

Just finished up with the last booth work at the show. Today was fairly slow (as to be expected), though there were still plenty of people coming through. I got to see the VeriSign VIP token work, and that was pretty cool! Hope you stopped by to get your free token! As I was leaving, the last hunters of conference trinket treasure were hurriedly making the rounds before the expo closed. All in all, quite a show. If I missed you this time, I hope to see you somewhere else soon!

The Haps at RSA!

Today has been filled with all kinds of activities, including meeting with some customers and vendors. I just finished the first meeting of the NSS Advisory Group and I am very pleased with the direction that it is heading. I think there is a lot of promise there for helping customers figure out which vendors DO solve PCI issues, and which ones don’t. I will be AT THE BOOTH at 10am tomorrow! Please stop by! I have a pretty “Blog This!” button on (Thanks K-Dog!). Also you can follow me on Twitter at http://twitter.com/brandenwilliams. See you there!
