Recent Posts Tagged With 'pci dss'

• Blame the auditors: What a concept!

  Posted on Thursday August 13th, 2009 at 08:02 in Privacy, network security, risk management, hipaa, data security, breach, business continuity, pci dss, security management, ephi, threat modeling

  I have never thought of this.  After a breach, just blame the auditors.  Wait.  The reason I hadn’t thought of it is because passing a compliance audit IS NOT ASSURANCE OF SECURITY.  But some still don’t get it. In an interview with CSO’s B...

• System physical security should include mobile device asset management

  Posted on Wednesday May 27th, 2009 at 21:43 in Mobile, Privacy, laptop, encryption, hipaa, federal, breach, business continuity, mobile data, pci dss, pii, physical security

  Mobile device encryption solutions should be supplemented to some degree—depending on the organization—by a mobile device physical management process....

• Wobbly Security Frameworks are Often Fixed by Turning a Few Screws

  Posted on Friday May 15th, 2009 at 14:00 in risk, risk management, pci dss, security management, pii, ephi, threat modeling

  Paying attention to the little stuff is a prerequisite for planning a security control framework....

• Fear, Trust, and Desire: Fertile ground for social engineers

  Posted on Friday April 10th, 2009 at 09:42 in Security, risk, malware, network security, risk management, hipaa, data security, breach, business continuity, intrusion, cybercrime, pci dss

  User behavior is becoming the largest cause of data leakage as cybercriminals adjust tactics to take advantage of common human behavioral traits....

• PCI DSS is a get out of jail free card

  Posted on Thursday April 2nd, 2009 at 08:21 in risk management, data security, federal, breach, business continuity, cybercrime, pci dss, piracy legislation

  The problem with security standards is they often are a get out of jail free card for organizations which believe in doing only the bare minimum necessary to stay out of trouble....

• PCI DSS Compliance Made Easier, but Upside Down

  Posted on Monday March 16th, 2009 at 17:18 in Security, risk management, piracy, data security, federal, breach, cybercrime, pci dss

  PCI DSS just became a little simpler, but the tool set provided is a little upside down....