Herding Cats, April 2008 is out!

If you are not a member of the ISSA, click here to go sign up! I am a monthly columnist in the ISSA Journal–the publication for the association. This month I tell you how you can learn something from the Department of Homeland Security and Ron “Tater Salad” White.

Are you going to CSI-SX?

If so, LOOK ME UP! I’m speaking on Monday afternoon at 4pm at the conference. Hope to see you there! As always, I’ll be sending tweets!

Phillip Hallam-Baker adds to the fire!

Phillip Hallam-Baker commented recently on my post about the NRF, but specifically added to the chip and pin point. Thanks Phillip!

Thanks OpenTravel Advisory Forum!

While others at VeriSign are headed to ETA, I took the opportunity to speak about PCI to the OpenTravel Advisory Forum in Atlanta today. A shout out to an excellent group of individuals that are in one of the more difficult industries with respect to PCI (the other being Fuel Dispensing). Thanks for the hospitality!

Last Call @ the Expo

Just finished up with the last booth work at the show. Today was fairly slow (as to be expected), though there were still plenty of people coming through. I got to see the VeriSign VIP token work, and that was pretty cool! Hope you stopped by to get your free token! As I was leaving, the last hunters of conference trinket treasure were hurriedly making the rounds before the expo closed. All in all, quite a show. If I missed you this time, I hope to see you somewhere else soon!

The Haps at RSA!

Today has been filled with all kinds of activities, including meeting with some customers and vendors. I just finished the first meeting of the NSS Advisory Group and I am very pleased with the direction that it is heading. I think there is a lot of promise there for helping customers figure out which vendors DO solve PCI issues, and which ones don’t. I will be AT THE BOOTH at 10am tomorrow! Please stop by! I have a pretty “Blog This!” button on (Thanks K-Dog!). Also you can follow me on Twitter at http://twitter.com/brandenwilliams. See you there!

VeriSign wins “Best Security Company of the Year!”

Thanks SC Magazine! We’ve been recognized as the Best Security Company in 2008! Here’s the part of VeriSign that I represent! VeriSign’s Enterprise Security Group (ESG) provides a best of breed suite of solutions for global companies. Beginning with our iDefense Intelligence Service that provides detailed threat information in advance. Vendors are notorious for taking anywhere from 90-180 days to patch discovered vulnerabilities. iDefense can help you understand how to mitigate before patches are available. From there, our Managed Security Services (MSS) group provides some of the best managed security services to customers according to the Gartner Magic Quadrant. Why not let your security staff concentrate on adding real security value and outsource your security device management to us? Finally, ...


Arrived at RSA!

Well, even the FAA’s nit picking couldn’t keep me away! I’m sitting at the InterContinental waiting for some associates. There’s a very interesting crowd here at the conference. I’m looking forward to getting out to the city later on!

The Cart Before the Horse (and you can too!)

Clement James writes about a security expert that slams PCI, stating that the breach in the news “was almost certainly the work of hackers exploiting a single code flaw on internal systems.” The expert goes on to say that “PCI takes a relaxed attitude towards internal machines.” While I agree that there is room for improvement on internal controls for PCI, remember, it’s not designed to protect your entire enterprise. It is a baseline, and you should layer security on top. The challenge is this: not until the end of last year did we see a compliance validation rate exceeding 60% among Level 1 merchants. If you make the standard too hard, you will have little or no adoption. You ...