Oct 20, 2015 | Opinion, Security Leadership
In October 1995, I finally found my calling. What I found was SQL Injection, perhaps the most prevalent web site hack still alive and well twenty years later. However, what I discovered was that my calling is not about hacking websites, but rather hacking humans....
Sep 11, 2014 | Business of Security, Industry Analysis, Opinion, PCI, Security Leadership, Security Management
Every week it seems a new breach is announced with a big load of credit cards or healthcare data popping up on the various criminal exchanges. This erodes confidence in retailers and healthcare providers everywhere, as well as the integrity of the PCI DSS. Consumers...
Mar 17, 2014 | Opinion, System Security
A new article in Business Week today provides an in-depth glimpse into the infamous Target breach. Although Target had “best-in-class” security technologies and a huge information security team, they completely missed all the alerts and alarms. How did this happen,...
Feb 11, 2014 | Opinion, PCI
Recent events have caused people all over the information security community to question the efficacy of the PCI-DSS. The Target breach has become a lightning rod for debate as to how well the PCI-DSS protects organizations. In a recent blog entry, Avivah Litan from...
