Search Results

Blog

Category

The Failure of the PCI-DSS?

The Failure of the PCI-DSS?

Recent events have caused people all over the information security community to question the efficacy of the PCI-DSS. The Target breach has become a lightning rod for debate as to how well the PCI-DSS protects organizations. In a recent blog entry, Avivah Litan from...

CISPA and the Insanity of Information Security Politics

Guess what, I am an idiot. At least when roofing a house is concerned. Unfortunately, this makes me susceptible to less than scrupulous roofing contractors. They tell me that if I try to do it myself, I will nail my hand to the boards, fall off the roof or crush...
PCI: I Find Your Lack of Scope Disturbing

PCI: I Find Your Lack of Scope Disturbing

Anybody who has spent more than a few nanoseconds working on PCI compliance invariably has been confronted with the mystical challenges of scope. What is considered in-scope for PCI compliance? How do you limit scope? And what constitutes the Cardholder Data...