The State of Security

Gene Kim

Introducing the PCI Hug It Out Podcast Series

by Previous Contributors

At Security BSides in Las Vegas this year, a call for a hug went out. Two of the leaders in the IT security and compliance conversation, Mike Dahn and Josh Corman, tended to have some friction. Gene Kim, a friend of both of them, had observed that they both wanted to make the IT industry more secure but held strong opinions about the effect that PCI had on that goal. Those strong opinions caused a lot of tension between the two.


How Effective is PCI DSS?

by Cindy Valladares

If you’ve ever participated in a conversation about PCI with infosec professionals, you will most likely end up discussing the effect that compliance initiatives have on the overall security posture of an organization. One of the most passionate experts on this precise topic is Josh Corman (@joshcorman on Twitter), Security Analyst at the 451 Group. [...]


Upset about the subjectivity and ambiguity in the PCI DSS compliance standards? My #BSides submission on the answer…

by Previous Contributors

(First a disclaimer: Although I am part of the leadership team of the PCI Scoping Special Interest Group, everything in this article is only my opinion, not anyone else’s, and not an official position of the PCI Security Standards Council.) Don’t get me wrong. I think the mission behind the Payment Card Industry Data Security Standard [...]


Cancer and security breaches

by Dwayne Melancon

I’m a cancer survivor, and it strikes me that cancer and IT security breaches have something in common: early detection is crucial. You see, 11 years ago, I caught my cancer (malignant melanoma) fairly early, it was treated quickly, and I’ve had no recurrence since then. This was possible because a) my wife noticed something [...]


Gene Kim Video Blog: How Did We Get Hacked Even Though We Passed the Audit?

by Previous Contributors

We have been talking with Gene about various audit horror stories. In this episode, which Gene aptly titled “How did we get hacked even though we passed the audit?”, the point is that compliance is only a point-in-time snapshot if you approach it as a project you have to complete for a test. Many people approach compliance initiatives such [...]


Gene Kim Video Blog: The Man Behind the Camera

by Previous Contributors

At this point you have seen lots of videos of Gene (@realgenekim) talking about his areas of passion as well as interviewing others. The other day Gene surprised me with a topic for a post. For most of those videos I (@matthixson) have been the person behind the camera and Gene wanted to do a [...]
