First off, I want to apologize for the lack of posting. Travel across the date line is one of those things that looks like a productivity enhancer, at FIRST. Then the realization slowly sets in.
One of the articles I wanted to post on was Bill Homa (Edit: Sorry, got the spelling wrong!), the former CIO of Hannaford, who is changing his tune a little bit. Apparently, the PCI Standard is not his problem, but now he blames Microsoft for the breach that occurred on his watch.
I don’t know if you are like me, but I can’t wait for the lawsuits to start flying so that all of the speculation on this incident can end. Legal discovery can be a beautiful thing. As with most major breaches, there is not one giant big goof that you can point your finger to, there tends to be a series of events that lead to the breach.
Maybe Bill can hook up with Dave Hogan from the NRF and they can practice playing the blame game together? I imagine it would go something like this.
“I blame PCI! It’s too hard to comply with!” (Dave)
“No, it’s not strong enough! If they would have required internal encryption, things would be different!” (Bill)
“Wait, what? Dude, I’m going to have a lot of pissed off members if I say what you said.” (Dave)
“Call me dude again, and see what happens!” (Bill)
“I blame PCI! It’s not strict enough!” (Dave)
“That’s more like it.” (Bill)
“No one is listening to me anymore… you try.” (Dave)
“I blame Microsoft!” (Bill)
“Ooo, nice one.” (Dave)
It’s all fun and games right now, until the currently confidential documents become public record.
Or maybe THEN the fun and games can start?
Possibly Related Posts:
- PCI DSS 4.0 Released plus BOOK DETAILS!
- PCI Council Loses $600K in Revenue, PO Population on the Decline
- Why PCI DSS 4.0 Needs to be a Complete Rewrite
- Orfei Steps Down
- Should you be a PCI Participating Organization?