PCI Requirement 6.6 – Confusing the confused
PCI Requirement #6.6 has been in the news for quite some time, primarily because complying with it is not trivial. PCI Security Council published a press release on April 22, 2008, hoping to clarify...
View ArticleShould the government issue tickets for vulnerabilities?
I was talking with a friend of mine today about the state of the Web in regards to data breach, privacy and Web site security and this interesting question arose. “Should the government issue tickets...
View ArticleGovernment now asking if PCI is enough…
Today, I read an article on Computerworld regarding PCI security standards. Apparently a recent House of Representatives hearing was quite eventful. The hearing was a meeting between the retail sector...
View ArticleMissouri’s new Data Protection Disclosure Law
Although maybe unnoticed, a month ago Missouri finally joined that heady club called “states which have Data Privacy Laws.” On 28th August, the “Missouri Data Breach Notification Law,” or House Bill 62...
View ArticleDOD Should Demand Built-in Thumb Drive Defense
Last year, the U.S. Department of Defense (DoD) temporarily banned the use of thumb drives and other removable storage devices because viruses, worms and malware were uploaded to their network. Think...
View ArticleThe 3 R’s: Riches, Ruins & Regulations
We previously wrote about what it means to be a security-obligated executive – how to identify threat warning signs and prep against cyber-attacks. Historically either the C-suite and the security...
View Article
