Monthly ArchivesFebruary 2016

The Beginning of the End, No PCI DSS 4.0 in 2016 standard

Taking a cue from infosec luminary Bill Brenner, how about some mood music? Browsing Twitter last night brought me to this tweet about PCI DSS in 2016. Anybody else notice that the new redesign for the @PCISSC website is conspicuously missing the current lifecycle status #noversion4 — James Adamson (@jameskadamson) February 25, 2016 Indeed, earlier this month the Council posted a blog that revealed that PCI DSS 3.2 was the next version of the Standard, and would be the only release in 2016. I’ve previewed the proposed changes in 3.2, and I think this is a good approach for the Council this year. We can continue to debate the efficacy of the standard ad nauseam, but unless we’re going to ...

Continue Reading

Does Income Matter for Awareness? standard

Here’s another visualization to consider based on demographical data generated from my Consumer Attitudes Toward Breaches research (sponsored by MAC). Did income levels matter in breach awareness? It appears to have mattered, yes, but not in the way you might expect. Below is a graph that shows how consumers reported their awareness of breaches as separated by income level. When we add weights to our responses to make sure we are comparing apples to apples. What’s interesting here is that the smallest two and largest two income levels were the most aware of the breaches, while the middle three were much less aware. Do lower income segments watch their dollars more closely? Are higher income segments more likely to be ...

Continue Reading

This is a unique website which will require a more modern browser to work!

Please upgrade today!