August 28, 2009 - Today's required reading is an opinion piece in the New York Times "Time to be Afraid of theWeb" The article assesses the current state of Internet security and concludes that you don't have to visit risky sites or (continue reading...) Read more
August 27, 2009 - It can be really tough staying on top of developments in PCI DSS, card brand rules, risks, threats, and everything else we are supposed to know about but don't have the time to follow. I have a couple of (continue reading...) Read more
August 26, 2009 - Nearly all schools validate their PCI compliance using a Self-Assessment Questionnaire (SAQ). Nevertheless, many schools also hire a QSA to help them in the process, either with training, conducting a PCI gap analysis, designing a compensating control, or just (continue reading...) Read more
August 20, 2009 - What can PCI DSS do, and what can it not? What role may it have played or should it have played in the recent breaches?There is a discussion going on at StorefrontBacktalk that you may want to read...and be (continue reading...) Read more