July 22, 2014 Added by: Joe Weiss
It is important to understand the validity of the observations and conclusions as this report is being widely quoted.
July 21, 2014 Added by: PCI Guru
Apparently, I struck a nerve with small business people trying to comply with PCI. In an ideal world, most merchants would be filling out SAQ A, but we do not live in an ideal world. As a result, I have collected some ideas on how merchants can make their lives easier.
July 16, 2014 Added by: Rafal Los
Compliance attestations. Quality seals like “Hacker Safe!” All of these things bother most security people I know because to us, these provide very little insight into the security of anything in a tangible way. Or do they?
July 08, 2014 Added by: Joe Weiss
This is actually two blogs in one. The first is about DHS releasing critical information they weren’t even asked for. The second is about the lack of progress on addressing a subject that DHS made public.
July 03, 2014 Added by: PCI Guru
All of you service providers out there that have remote access to your customers managed by some enterprise credential management solution, please implement a strong two-factor authentication solution on your customer credential management solution before you too become a newspaper headline.
July 02, 2014 Added by: Joe Weiss
The past two weeks continue to demonstrate the lack of understanding about the unique issues of ICS cyber security – why isn’t it just IT.
June 30, 2014 Added by: Rebecca Herold
The power of big data analytics is so great that in addition to all the positive business possibilities, there are just as many new privacy concerns being created. Here are ten of the most significant privacy risks.
June 19, 2014 Added by: Mike Meikle
If the healthcare organization deploys an operating system patch or places their standard endpoint protection on the device, they run the risk of the vendor halting support during a device issue until the offending patch or software is removed.
June 16, 2014 Added by: Rebecca Herold
Organizations that access, in any way, some type of personal information will likely have data protection compliance requirements with which they must comply.
June 11, 2014 Added by: Joe Weiss
The story is that MANY ICSs are connected to the Internet and it isn’t expensive to find them.