January 2012 Roundup

What was popular in January? We’re already one month down in this new year and most of us have our sights set on RSA Conference in three weeks. Let’s talk infosec! Here are the five most popular posts from last month: Myth Busting with Ben Tomhave and Corporate Responsibility with Ben Tomhave took the top two spots this month. Ben Tomhave and I got into a fun discussion over Twitter that ended up going in two directions. First, can merchants self-assess, negating the need for a QSA-led merchant assessment? Intelligence Driven Security. The latest Security for Business Innovation Council report is out, and one key indicator is that we have tuned our systems to support compliance, not security. Read this ...

Herding Cats: Persona You (January 2012)

Have you checked out ISSA Connect yet? The next issue is up there with my column, Persona You. You can also download the November and December issues. I didn’t post them here as I have been tied up with a few other things! What does your online persona look like? This month’s column talks about the state of privacy in which we exist. Just last month we had a flurry of activity around CarrierIQ and the specific implementations for various carriers. Now you can see a little more into some of the other issues that can come along with your online persona. If you are a member, log into ISSA Connect and join the discussion! Interact with great professionals globally ...

2011, A Year in Review

2011 is in the books, and we’re looking ahead to what promises to be an interesting year for everyone. Economic uncertainty promotes crime, and more of our assets are migrating to an electronic medium every day. We saw big breaches. BIG breaches. Hacktivism and state-sponsored cyber-warfare led the pack on the biggest and most devastating breaches of 2011. This year we talked about PCI DSS as we normally do, but later in the year we made a decided shift in our focus to security—something I hope anyone dealing with PCI DSS has already done. I think you all liked the shift as well, considering the top four were written in the last half of the year. Here are the ...

November 2011 Roundup

What was popular in November? It looks like retail is having a good time, and we added jobs and reduced unemployment while a major airline declared bankruptcy. Here are the five most popular posts from last month: Attack the Humans First. For the second month in a row, this one took the top spot! The attackers are changing, and we’re not changing fast enough to combat them. Check out this post that goes through the human element of information security. Where is your Chaos Monkey? This one is in the top five for the second month in a row as well. Netflix has one, where’s yours? PCI DSS Feedback Period Begins Today! Everyone has an opinion about PCI DSS, so ...

Herding Cats: Build Security In (October 2011)

Have you checked out ISSA Connect yet? The next issue is up there with my column, Build Security In. I’ve been on a kick lately talking to people about built-in security. Humans make too many mistakes to rely on a bolt-on mentality for security, and building it in is one great way to add in a fail-safe wall for protection. If you are a member, log into ISSA Connect and join the discussion! Interact with great professionals globally as well as the authors that you enjoy reading every month. If you are not a member, sign up today!

September 2011 Roundup

What was popular in September? The PCI Community Meeting in Scottsdale was one big highlight! I spent a week in AZ dealing with all manner of PCI-related topics. And we also saw Oracle’s CSO go out on a limb she probably shouldn’t have, especially in light of the MySQL defacement that happened last week. Be sure to check out all my “Conversation” interviews! Here are the five most popular posts from last month: PCI Community Meeting Day 1 Observations. This month is all about PCI, and specifically the community meeting and things leading up to and following. What was Day 1 like? Check this post for a preview of the social-media heavy meeting! PCI Community Meeting 2011, That’s A Wrap. ...

August 2011 Roundup

What was popular in August? I had some fun with Visa’s TIP program, and in fact, just made a final post on the topic (for now) yesterday. Merchants in the middle of technology upgrades have some decisions to make on what they deploy and how they choose to process payments. We also saw our first (that I have a record of) public revocation of a QSA’s status. Here are the five most popular posts from last month: PCI Council Revokes QSA Status (Finally?) It had to happen SOME time. With QSA popularity at an all-time low, it looks like the Council finally took action against a QSA. See the details here, including some instructions on what to do if ...

July 2011 Roundup

What was popular in July? It was an Apple friendly month with more iCloud discussions, Lion, replacing my iPhone, and polls about a stricter PCI DSS. We also saw some mobile payment applications make their way back onto the PA-DSS approved application list, and a flurry of discussion around social media, mostly centered on Google+. Here are the five most popular posts from last month: Security Tips for Non Techies. What is it that you do again? The truly brilliant among us can take our complex jobs and describe them to non-techies in words they understand. But how do you explain the WHY and HOW in simple terms? Don’t fret, DHS did it for you. Learn more here! Audience Participation: ...

Herding Cats July, Breaches Can’t Happen to Us

Have you checked out ISSA Connect yet? The next issue is up there with my column, Breaches Can’t Happen to Us. This one was fun for me as it follows a common theme you can expect from Ol’ Brando, the business end of security. Most security professionals have not had any sort of business training, or with some I have met, really give a flying futon about business. Before you go ask for more money in your budget, you should read this article. If you are a member, log into ISSA Connect and join the discussion! Interact with great professionals globally as well as the authors that you enjoy reading every month. If you are not a member, sign up ...

June 2011 Roundup

What was popular in June? It was iCloud, PCI Council fun with mobile payments and the updated prioritized approach document, and an older post that surfaced in the top five again this month around the quality of QSAs. Here are the five most popular posts from last month: iCloud Security Questions. WWDC unveiled some pretty cool new things from the overlords at Apple, but one of the most interesting to me was the unveiling of the iCloud service. Check my thoughts on some of the security concerns that must be addressed before you consider wide adoption. Updated Prioritized Approach. You cannot cookie-cutter PCI DSS, but if you see it as a crazy daunting task and are at a loss when ...
