Are you going to CSI-SX? standard

If so, LOOK ME UP! I’m speaking on Monday afternoon at 4pm at the conference. Hope to see you there! As always, I’ll be sending tweets! Possibly Related Posts: Level Up Cybersecurity with Kasm Workspaces Let’s Encrypt for non-webservers Selective Domain Filtering with Postfix and a SPAM Filtering Service Preventing Account Takeover, Enable MFA! Proofpoint Patches URL Sandbox Bypass Bug

Continue Reading

Phillip Hallam-Baker adds to the fire! standard

Phillip Hallam-Baker commented recently on my post about the NRF, but specifically added to the chip and pin point. Thanks Phillip! Possibly Related Posts: PCI DSS 4.0 Released plus BOOK DETAILS! PCI Council Loses $600K in Revenue, PO Population on the Decline Why PCI DSS 4.0 Needs to be a Complete Rewrite Orfei Steps Down Should you be a PCI Participating Organization?

Continue Reading

Thanks OpenTravel Advisory Forum! standard

While others at VeriSign are headed to ETA, I took the opportunity to speak about PCI to the OpenTravel Advisory Forum in Atlanta today. A shout out to an excellent group of individuals that are in one of the more difficult industries with respect to PCI (the other being Fuel Dispensing). Thanks for the hospitality! Possibly Related Posts: PCI DSS 4.0 Released plus BOOK DETAILS! PCI Council Loses $600K in Revenue, PO Population on the Decline Why PCI DSS 4.0 Needs to be a Complete Rewrite Orfei Steps Down Should you be a PCI Participating Organization?

Continue Reading

Last Call @ the Expo standard

Just finished up with the last booth work at the show. Today was fairly slow (as to be expected), though there were still plenty of people coming through. I got to see the VeriSign VIP token work, and that was pretty cool! Hope you stopped by to get your free token! As I was leaving, the last hunters of conference trinket treasure were hurriedly making the rounds before the expo closed. All in all, quite a show. If I missed you this time, I hope to see you somewhere else soon! Possibly Related Posts: Level Up Cybersecurity with Kasm Workspaces Let’s Encrypt for non-webservers Selective Domain Filtering with Postfix and a SPAM Filtering Service Preventing Account Takeover, Enable MFA! Proofpoint ...

Continue Reading

The Haps at RSA! standard

Today has been filled with all kinds of activities, including meeting with some customers and vendors. I just finished the first meeting of the NSS Advisory Group and I am very pleased with the direction that it is heading. I think there is a lot of promise there for helping customers figure out which vendors DO solve PCI issues, and which ones don’t. I will be AT THE BOOTH at 10am tomorrow! Please stop by! I have a pretty “Blog This!” button on (Thanks K-Dog!). Also you can follow me on Twitter at http://twitter.com/brandenwilliams. See you there! Possibly Related Posts: Level Up Cybersecurity with Kasm Workspaces Let’s Encrypt for non-webservers Selective Domain Filtering with Postfix and a SPAM Filtering Service ...

Continue Reading

VeriSign wins “Best Security Company of the Year!” standard

Thanks SC Magazine! We’ve been recognized as the Best Security Company in 2008! Here’s the part of VeriSign that I represent! VeriSign’s Enterprise Security Group (ESG) provides a best of breed suite of solutions for global companies. Beginning with our iDefense Intelligence Service that provides detailed threat information in advance. Vendors are notorious for taking anywhere from 90-180 days to patch discovered vulnerabilities. iDefense can help you understand how to mitigate before patches are available. From there, our Managed Security Services (MSS) group provides some of the best managed security services to customers according to the Gartner Magic Quadrant. Why not let your security staff concentrate on adding real security value and outsource your security device management to us? Finally, ...

Continue Reading

Arrived at RSA! standard

Well, even the FAA’s nit picking couldn’t keep me away! I’m sitting at the InterContinental waiting for some associates. There’s a very interesting crowd here at the conference. I’m looking forward to getting out to the city later on! Possibly Related Posts: RSA Conference 2013, YOU READY!? New Security Services from EMC Consulting Enable Trusted IT GRC in the NextGen Data Center Trusting Identities in the Cloud Discover Your Security Persona at RSA Conference!

Continue Reading

The Cart Before the Horse (and you can too!) standard

Clement James writes about a security expert that slams PCI, stating that the breach in the news “was almost certainly the work of hackers exploiting a single code flaw on internal systems.” The expert goes on to say that “PCI takes a relaxed attitude towards internal machines.” While I agree that there is room for improvement on internal controls for PCI, remember, it’s not designed to protect your entire enterprise. It is a basline, and you should layer security on top. The challenge is this: not until the end of last year did we see a compliance validation rate exceeding 60% among Level 1 merchants. If you make the standard too hard, you will have little or no adoption. You ...

Continue Reading

The NRF Goes Past Where the Sidewalk Ends standard

Dude. Seriously. Is anyone at the helm of the National Retail Federation? Did they forget to secure the dock lines on the U.S.S. NRF before they skipped into town for supplies, gleefully quoting Shel Silverstein’s Where the Sidewalk Ends along the way? Let us leave this place where the smoke blows black And the dark street winds and bends. Past the pits where the asphalt flowers grow We shall walk with a walk that is measured and slow, And watch where the chalk-white arrows go To the place where the sidewalk ends. In this recent three question interview with Dave Hogan, CIO of the NRF (courtesy of RIS Executive News Brief), there was either a massive case of misquoting, or ...

Continue Reading