Tag: PCI

The Immutable Friday Fav Five for September 9, 2011

Here are the five links that I found interesting for this week: The Shadowserver foundation is comprised of a group of volunteer security professionals who gather information about Internet-based crime. One of the more interesting projects is a compilation of

Posted in Computer Crime, Dialogue, Incident Response, Intrusion Detection, Log Analysis, Research, Secure Administration, Secure Design, Standards, Systems Hardening

Why Some Merchants Should Not Worry About PCI Part II

Yesterday, I wrote a post saying that the lady who cuts my hair needs to comply with 100% of the PCI standard. This was based on my experience in PCI in corporate environments, some of which do not actually store

Posted in Dialogue, Risk Management, Standards

Why Some Merchants Should Not Worry About PCI

When I had my hair cut today, I got to thinking about what level of responsibility this small business should have to protect my credit card data. This is not some big chain. It’s one lady with a couple of

Posted in Dialogue, Risk Management, Standards

Should Hannaford Pay?

A while back, I wrote an article for the “Security Catalyst” blog about the economics of data breaches. In the article, I wondered if companies should compensate customers for poor handling of their information, even before a breach. Since companies often

Posted in Computer Crime, Dialogue