Categories ArchivesDiversions

Brando’s Rules for Success standard

I’ve had a few folks ask me if I could attribute any big life lessons that have helped me get to where I am. Things like the Golden Rule or an extremely healthy amount of respect for karma (both of which would be true for me) came to mind, but I was able to distill my guiding principles into this: Show up. Don’t be a dick. End of list. Let’s dive deeper. Show up. This rule can mean a lot of things, which is why I love it. It’s extremely versatile. Be physically present and on time to appointments when required. Don’t be a flake. Fulfill your commitments (and communicate EARLY if you need to adjust them, bad news does ...

Continue Reading

So You Want to Gong-Fu? standard

The Gong-fu Tea Ceremony is a celebrated method for brewing and enjoying tea (here’s another instructional video, and here are two posts with awesome info). When you start to spend money on higher quality leaf, the gong-fu tea ceremony will yield better results for a more immersive and enjoyable tea experience. Even lower quality tea can taste much better using the gong-fu method! Full disclosure: I’m just as lazy as the next guy some days. There are times where I can barely be bothered to rip open a single serve teabag of Queen Anne and throw it into a mug with hot water. I also have a few different ways I make loose leaf tea that are simple and get ...

Continue Reading

Blockchain Fun standard

Two posts in one week? What is this, 2009? I’ve always been interested in payment and commerce. Blockchain and crypto-currencies have really captured my attention lately as the business applications are many and game-changing. I just published an article on the topic in this month’s Tactics & Preparedness that reviews some of the basics for folks who are not familiar with the technology. When people talk about the future of payments, you can’t leave the topic out. It’s certainly more exciting than anything PCI DSS can throw out there! For those looking for more, check out this great literature review by Peter Bailis, Arvind Narayanan, Andrew Miller, and Song Han. Blockchain isn’t just for Bitcoin!

Continue Reading

Did you pre-order a Plastc? You might be able to recover your money! standard

Anyone who participates in a pre-order situation like Kickstarter or IndieGoGo is playing a little bit of a game of chance with their money. The most recent example is from a company called Plastc, which I have written about here in this blog before. Unfortunately, it appears they have run out of money and vanished with $9M of pre-orders and no product to deliver. Depending on how you paid for this order, you may be able to recover the $135 to $155 you put in as a deposit. Companies like American Express stand behind their consumers and I know of one person who was able to get his deposit back. Other companies may have different policies. Regardless, I hope that ...

Continue Reading

Is All Good News REALLY Good News? standard

Have you noticed that there has not been too much (well, really any) bad press around the PCI ecosystem lately? Perhaps everything is great! Doesn’t seem like we’ve had the same string of retail breaches that we saw in 2014 (which lead to this piece of research), even though 2016 was bad (good?) in general for cybercrime. A quick data dump from says there are around 100 related to cards since 2016, but some appear to be duplicates (Wendy’s is reported multiple times). Of course, we found out about more problems at IHG last week. Seems like big security bloggers still talk about breaches, but we don’t see the same questions around PCI DSS that we did in 2014-2015. Individuals certified or ...

Continue Reading

The PCI Council’s Revenue Generation Capability standard

The other day I was thinking about all the programs that the Council currently maintains and I wondered if it was possible to see how much money the Council actually brings in every year. I mean, every year seems to see more programs with more fee collection opportunities for the Council, but had anyone ever added all that up? So I got to researching. I started with the usual sources: LexisNexis, Hoovers, Dun & Bradstreet, and found very little information. Only one report by Dun & Bradstreet, who is notoriously inaccurate when dealing with privately held firms, of around $3.7M in 2016. Then I headed over to the IRS’s website to see if the Council had ever filed a form ...

Continue Reading

PCI Compliance, Version 3.2 Now Available! standard

Well folks, it’s finally here. What started as an experiment back in April has finally come to fruition. I’m happy to announce that PCI Compliance, Version 3.2 is NOW AVAILABLE! If you order via the CreateSpace bookstore, please use coupon code 4JRH748R for $2 off through the RSA Conference. You can also order it via Amazon here. For those who want to get the e-Book, it will be available in Kindle format by February 15 (same link as above). As always, huge thank you to all of you out there who keep the conversation going!

Continue Reading

Conference Wrap-Up, 2016 standard

As we get ready to close out 2016, there have been quite a few events I have neglected to post here. I know I owe a larger update and more tools soon, but here’s one in the meantime to recap October and November. For this post, I’m taking a cue from Bill Brenner and supplying some mood music. My mood music is a little more fun than his is, though. October and November was a busy month for speaking and writing. Here’s a quick recap. Ever wonder why it might be a good idea to segment your home network? All those smart devices have to connect somewhere. I wrote an article for Tactics and Preparedness that discusses some of these issues ...

Continue Reading

My Tea Journey, so far! standard

Many years ago, I started a long journey into the world of tea. I still consider myself a n00b, but a no0b who knows what he likes and is not afraid to try something new. A friend of mine was asking about my tea obsession so I ended up putting together this long email that represents my current thinking around the leaf. After spending all that time, I figured I’d post it here, and possibly update it over time. BTW, I recently found a guy who has an AMAZING YouTube channel if you want to learn about tea. I visited his shop in Camden Town (London) in October of 2017 and loved it! Check out his channel, or just start ...

Continue Reading

This is a unique website which will require a more modern browser to work!

Please upgrade today!