Category Archives: Administration

November 2009 Roundup

Taking a hint from Anton Chuvakin’s blog, I thought I’d start posting the five most popular posts from the previous month. If you have not had a chance to read everything here, give these five a try! Here are the five most popular posts from last month:

To New Beginnings. It was an epic run. Six years with the same company, seeing it through two acquisitions/divestitures, and working with some of the best in the industry to build a world class consulting organization makes you nostalgic. It was time to move on, and lots of folks were interested!

Will PCI Mandate the Use of Data Discovery Tools? Some views on the ups and downs that DLP and data discovery tools ...

To New Beginnings

Yep, it’s true.  Today is my last day at AT&T/VeriSign where I’ve absolutely enjoyed the last six years of my career. I started thinking back to the last job I left. It was an internet service provider that was local to Dallas (long since gone belly up and litigated to pieces).  It was my second job while building one of those small, two man dot-com start-ups in the mid 1990s.  I left the job in 1998 when we sold our startup.  That’s just over eleven years ago! I’ve been with Guardent/VeriSign/AT&T for six years. Prior to that I was with the investment company that acquired our little startup in 1998 until management decided to unwind it. Things are moving fast.  ...

October 2009 Roundup

Taking a hint from Anton Chuvakin’s blog, I thought I’d start posting the five most popular posts from the previous month. If you have not had a chance to read everything here, give these five a try! Here are the five most popular posts from last month:

MasterCard/Visa Remove Reciprocity. This post details changes made on payment brand websites that appear to remove level reciprocity on merchants. Regardless of your level, most acquirers (or acquiring functions of payment brands) will accept a higher level of validation. You should not be forced to complete a ROC and SAQ; submitting only a ROC should suffice.

The Problem with Logging. Which kind of logging are you guilty of doing most? Over-logging? Under-Logging? Check ...

PCI Community Meeting, Vegas!

I hope to see many of you next week at the PCI Community Meeting in Las Vegas!  VeriSign will have a booth and is a sponsor for the event.  If you are going, please do stop by our booth and attend our sponsored cocktail hour!  We’ll have some goodies and some exciting news for everyone that stops to chat! At this point, I’m not sure what kind of coverage I’ll be able to provide from the meeting, but more on that soon. Before you arrive for the sessions, I urge you to review the myriad of information available on the PCI Security Standards Council website, including the recently published SIG papers, and prepare your questions.  This is your chance to ...

PCI Compliance Book!

We’re getting REALLY close.  All of the content is in, and the publisher is working toward production!  Anton & I have worked hard to bring you the most technically accurate and useful reference book to carry with you during all of your PCI DSS efforts.  You will notice that the book reads much better than the first edition, and we’ve included some GREAT case studies for you! Well, I think they are great anyway; I wrote almost all of them.  That was my favorite part of this process—writing the case studies.  In fact, I had to put off all case study writing to the end of each chapter and use it as my motivator to get through all of the ...

Webcast, on July 7, Maintaining PCI Compliance!

Please join me on July 7 for an informative webcast on Maintaining PCI Compliance! To register or attend, please go to: http://www.brighttalk.com/webcasts/4431/attend. Now that Level I merchants have undergone a few annual Payment Card Industry (PCI) assessments (and Level 2 merchants are soon to be doing the same), they are addressing the realization that a mature, sustainable compliance program requires more than once-a-year rallying to prepare for, participate in, and pass an assessment. Daily operational focus and ongoing effort are vital to protect investments in compliance, manage risk, and minimize the business disruptions and costs associated with achieving and demonstrating compliance year after year. This presentation discusses best practices for building a compliance program that can be supported and maintained ...

Read my blog on your Kindle!

Are you in love with your Kindle like I am in love with mine? Believe me, I like the feel and smell of a good book, but I’m really looking to cut down on the bulk and weight that I carry with me as I travel. So I broke down and finally got a Kindle. So far, I read the latest Dale Brown book in the Dreamland series entitled Rogue Forces, and a Stephen King novella entitled Ur, where the Kindle takes a lead role. On deck is Arctic Drift by Clive Cussler, and a few samples that I have downloaded to see if I want to read the entire book. Did you know you can get blogs on the ...

Herding Cats and The Art of the Compensating Control

OK folks, two biggies from the April issue of the ISSA. The first is this month’s issue of Herding Cats entitled, Get Compliant on the Cheap, where I review some of the fantastic commentary provided at the end of last year by JD Smith, one of our esteemed PCI Consultants. The feature of the April journal is my article, The Art of the Compensating Control. I hope that this article helps to clear up some of the fog that clouds compensating controls. Hope you enjoy, and Happy Monday!

Join me for a Compliance Week webcast!

What are you doing at 2pm eastern today? If you have that annoying budget meeting, or maybe one of those late lunches with the group of folks that bug you, how about joining me for a webcast on PCI? Click here to register, and I’ll be on Twitter during the event if you guys want to interact!
