Categories Archives: Administration

Herding Cats August: Embrace the ISA Program

Have you checked out ISSA Connect yet? The next issue is up there with my column, Embrace the ISA Program. Some industry folks fear the empowerment that the Internal Security Assessor program from the Council brings to the table.  I, for one, see it as an opportunity to more accurately assess PCI compliance. Oh, and the Hoffacino makes a cameo 🙂 If you are a member, log into ISSA Connect and join the discussion! Interact with great professionals globally as well as the authors that you enjoy reading every month. If you are not a member, sign up today!

July 2010 Roundup

What was popular in July? We wrapped the month with some fantastic presentations at Blackhat, Defcon, and BSides. I am enamored with the fun stuff browsers can do (and not so fun things to the people that ineptly run them), and approaching application security with a renewed vigor. Here are the five most popular posts from last month: PCI Security Standards go to Three Year Lifecycle. More than twice as popular as its nearest challenger, this post details some of the pros and cons to the new three year lifecycle that all of the standards will adopt starting with the pending release. Tokenization and Chargebacks. The NRF is making more waves, and Visa released new guidelines. Check out this post ...

Herding Cats July: Back to Basics

Have you checked out ISSA Connect yet? The next issue is up there with my column, Back to Basics. This issue’s theme centered on the basics of information security, and what better time to take a step back and really evaluate what we’re doing? Are we actually accomplishing our goals? Or just treading water? And do you want to take away my man card after reading this one? If you are a member, log into ISSA Connect and join the discussion! Interact with great professionals globally as well as the authors that you enjoy reading every month. If you are not a member, sign up today!

June 2010 Roundup

What was popular in June? Would it shock you to know that my most popular post by far this month was the review on the Hoffacino?  It’s second all-time to my post on Upgrading to Snow Leopard. So if any other prominent information security pros want to have me try and review their crazy Starbucks creations, bring it on! Here are the five most popular posts from last month: Pwn3d by the Hoffacino. As @Beaker says, another one bites the dust.  I did it.  I rode the caramel-colored, caffeine-loaded pony known as the Hoffacino.  Who says living life through chemical stimulants isn’t fun? This was BY FAR the most popular post. Why ISAs are Good for QSAs. This ...

Herding Cats June: In or Out?

Have you checked out ISSA Connect yet? The next issue is up there with my column, In or Out?. This issue’s theme centered on security operations, and our industry seems to be going through a transition.  Do you insource or outsource this critical function? If you are a member, log into ISSA Connect and join the discussion! Interact with great professionals globally as well as the authors that you enjoy reading every month. If you are not a member, sign up today!

May 2010 Roundup

What was popular in May? Lots of fun with PCI and Facebook. I’m noticing more and more commenters on my posts… keep it coming! Here are the five most popular posts from last month: A Facebook Reality Check. Even though this was posted on 5/21, it was by far the most popular post last month.  There are a few good comments on the post, and what you DIDN’T see was a rather heated exchange with a reader about some of the opinions in the post.  I would love to get that individual on a podcast to debate the topic as I think both viewpoints are valid. PCI SSC Launches Internal Security Assessor Program. An interesting new concept by the Council ...

Herding Cats May: Love the Lawyer You’re With

Have you checked out ISSA Connect yet? The next issue is up there with my column, Love the Lawyer You’re With. This issue’s theme centered on information security and law, so I wanted to challenge security professionals’ thinking about their lawyer comrades. If you are a member, log into ISSA Connect and join the discussion! Interact with great professionals globally as well as the authors that you enjoy reading every month. If you are not a member, go sign up!

April 2010 Roundup

What was popular in April? Consumer security and various news posts topped the list! I’m also working out the kinks on getting my daily links posted here. Here are the five most popular posts from last month: What’s a Token? This post is inspired mostly by the “vendor marketing machine” as we, as security professionals, try to break through the FUD to get to an apples to apples comparison (Ran out of space before I could throw in another cliché.).  This post tries to put a little bit of sanity back into our lives by offering up a definition of what we can call a token. Avoid Looking Like a Rookie. History was created with this one as I finally ...

March 2010 Roundup

What was popular in March? Consumer security and various news posts topped the list! I’m also working out the kinks on getting my daily links posted here. Here are the five most popular posts from last month: The Social Security Office, an Identity Thief’s Heaven! You know your spouse cares about your livelihood when she (he) points out massive identity theft opportunities at your local Social Security Office!  Check out this wacky story based on my wife’s experience. The Mistakes QSAs Make. This one is a brand new post, but is getting a ton of attention. Well, it’s getting reads, but NO COMMENTS!  I need your comments folks!  I presented to the DFW PCI group my thoughts, but want to ...

Herding Cats April: Spread the Disease

Have you checked out ISSA Connect yet? The next issue is up there with my column, Spread the Disease. This issue’s theme was the Psychology of Security, and I decided to compare the thought process behind security to a psychosis.  It’s fun! If you are a member, log into ISSA Connect and join the discussion! Interact with great professionals globally as well as the authors that you enjoy reading every month. If you are not a member, go sign up!
