Stay Classy, San Diego!

Stay Classy, San Diego!

What was popular in April? We had Facebook all over the news with its billion dollar purchase of Instagram (do the math, $1B with 23 employees = some rich dudes) and IPO announcement, the Call for Papers for RSA Europe opened, and the security conversation seems to be continuing its momentum from RSA US!

Here are the five (ignore the first one) most popular posts from last month:

  1. RSA Conference 2012, Are You Ready? OK, you guys, for real. I finally figured out why this was the most popular post. Barney Stinson is the reason. Go look at it and you will know why (and the search term that is somehow leading all kinds of unsuspecting people here). So I’m going to call it out for what it is, but drop it from future top fives.
  2. Visa Kills PCI Assessments and Wants Your Processor to Support EMV. Is this the end of PCI Assessments? Visa threw out some timelines and program details last year that you need to know about. I reposted this one on Twitter and Christofer Hoff picked it up. Squirrel power means lots of hits!
  3. Top Five PCI DSS Mistakes that Lead to a Breach. For the second month in a row, this one is on the top five! I wrote this blog post after speaking to several insiders about the challenges small companies face when it comes to complying with PCI DSS. Many of them look at the various SAQs and panic! So while I won’t endorse not complying with the standard, what are the top five things that cause a compromise? Read this to find out!
  4. Mystery Shopper Scams Getting Aggressive! So apparently, I’m one of the last ones on the block to be targeted for this kind of scam because when I brought it up to several folks in the industry, they all shrugged at me. It was the equivalent of showing a NASCAR driver that steering wheels detach in their cars. Anyway, it still made the top five and included are links to the redacted documents I received.
  5. Why QSAs Should Not Be Your Security Partner. Here’s another one from the past, but it seemed to strike a nerve on Twitter when I reposted it last week. It’s time to separate your consultants from your assessors. Do you know what motivates QSAs?  Here is an inside scoop on what goes on inside your QSAs head, and why he doesn’t have your best interests in mind.
  6. There are no BYOD Absolutes (You’re Doing It Wrong). This was a response to a post by VPN Haus that refuted cost savings associated with BYOD. I took a different approach, and hope you enjoy!

Thanks for stopping by!

This post originally appeared on

Possibly Related Posts: