PCI DSS and Compliance: Just a Tick Box Exercise?

June 13, 2012

According to Neira Jones, Head of Payment Security at Barclaycard, compliance should be a natural byproduct of good risk management and information security practice...



Hacker Halted: Mike Dahn and Martin McKeay on Compliance in the Cloud

November 03, 2011

"Your management fears the auditors more than the hackers. So why is it they're looking at moving cardholder data so quickly? Because 'cloud computing' is the new marketing buzzword that promises to do everything..."



RSA: Steve Hall - "The True Cost of Compliance"

February 16, 2011

Anthony M. Freed interviews Steve Hall from Tripwire. We appreciate Steve taking the time to share with us the highlights of the report "The True Cost of Compliance", the first real benchmark study that illustrates the value of compliance over inaction that is backed up by hard data.



DEFCON 18: PCI - Compromising Controls and Compromising Security

September 20, 2010

PCI at DefCon? Are you on drugs? Sadly, no; compliance is changing the way companies "do security", and that has an effect on everyone, defender, attacker, or innocent bystander. If you think all that 0-day you've heard about this week is scary, ask yourself this: if a company accepts credit cards for payment, which is a more immediate threat: failing an audit or the possibility of being compromis...



the UNPROTECTED - Episode 3

September 18, 2010

Quirky Jr. DBA Shelly champions DbProtect, but smarmy programmer Frank endorses a “band-aid” solution. Meanwhile, the clock ticks.
