Monthly Archives: December 2012

Top Posts of 2012

It’s holiday season and things are coming to a close for the year. It was an interesting one, for sure! I wanted to take a few minutes to tell you about some of the top posts in 2012. Ever wonder what will probably cause you to have a breach? This post discusses the top five reasons why PCI DSS breaches occur. This year I offered a detailed review of specific requirements (I’m still willing to do this if people have specific ones they want reviewed… email me), and here is the top one. The debate on PCI DSS often focuses on things we need to add to the standard, but I suggest that there are things we can remove. Check ...

Free PCI Book Giveaway!

OK folks, our PCI Compliance book has been out for a few months now, and Anton & I thought it would be fun to give away a second copy with another contest! We have assembled a group of three independent judges who will look at the submissions and pick winners for each competition. The winner will receive a free, signed copy of the book! In fact, it would be one of those rare “dual-signed” copies with both of our signatures (and the book will have to travel from TX to CA – or from CA to TX – for this). So, on to the second contest (first one). Our book attempts to draw a middle line between the black & ...

IDC Releases Alarming Trends for the Digital Universe

Nobody disputes the growth of digital information over the last decade enabled by technology developments in storage further put to use in the hands of consumers. We all create content every day; and as the phones get bigger and better processors, cameras, and radios, we can expect this to continue. To put the growth of digital information into perspective, think about how painful it was to download a thirty second HD movie clip five years ago or an entire music album ten years ago. Now we do it on our phones or tablets without thinking about it (until that data-bill comes in!). IDC released a study today (in conjunction with EMC) projecting that the digital universe will be so large ...

November 2012 Roundup

What was popular in November? It was the month of the mustache! Ron Burgundy and Ron Swanson certainly set the bar; how did you fare? We saw the kickoff of the retail rush here in the west as well as some interesting new developments on both the virtualization and the game theory fronts. Here are the five most popular posts from the last month: PCI Compliance Book Giveaway! Did you get your story in? Probably not as we only had four stories to choose from! We did pick a winner, and will be announcing soon. PCI Council Releases Risk Assessment Guidelines. It’s the latest output from the 2011-2012 SIGs and it’s available for you! Go see why this may or ...

The CNP Fraud Cliff

It seems like we’ve heard the word “cliff” overused recently to describe a number of doom and gloom situations from an HBR article describing Novartis’s “Patent Cliff” to the impending “Fiscal Cliff” here in the US. Well, since cliff talk sounds like fun (and includes other fun words like crag, precipice, and aerie), I thought I’d discuss another impending cliff here in the US that is only a few years away. This cliff shows up as a direct result of the deployment of EMV, and we’ve seen it in many other locales. It’s the Card-Not-Present (CNP) fraud cliff. Earlier this year, King (2012) released a compilation of information discussing Chip and PIN’s impact to fraud in a number of global ...
