My Oh My, PCI!

In my work, I’m often engaged with merchants in different verticals, doing PCI assessments. This frequently involves assisting them with their PCI Self-Assessment Questionnaires (SAQ). It’s an interesting process because the merchants run the gamut from Level 2 through 4, size-wise, in terms of annual number of transactions. Visa defines ...

Keeping it Real

2012 has been a very busy year for me, so far. Last winter I took and passed the ISACA Certified Information Security Manager (CISM) exam and in February, got a plane ride to Orlando to attend PCI-DSS Qualified Security Assessor (QSA) training from the PCI Security Standards Council. I’m currently ...

Change is the Only True Constant

Change is good. Sometimes it can be painful and it may take a while to get some perspective and realize you’ve grown. It’s all part of the process and I’ve learned to embrace or at least accept it. What’s new? I did a stint as an incident response handler earlier ...

2010 Rearview Mirror

January is a time of reflection and renewal, thinking about the past year and the present one. We use this time to measure ourselves and set or renew goals, pointing our inner compass needles towards our own True North. Looking back, 2010 was a successful year for me. I didn’t ...

Cleaning the Mental Gutters

No, I’m not thinking about porn or any other nasty stuff, just reflecting that like during Fall when we clean our house gutters, it’s appropriate to think about how we think and remove clogs and other impediments. For me, that means diversifying my security readings and practices and thinking about ...

Incident Response & Catching Kittens

The other night, while my wife and I were walking Daisy, we had an ‘incident’ to respond to. Not computer related, but the principles of incident response still apply. Someone decided that abandoning three month-old kittens on the road down from our house was a good idea ~ ‘surely someone ...

Sum Sum Summertime!

The calendar says it’s Summer although here in the Pacific Northwest, we’re not sure ~ it’s a cool Summer, which makes it fine for reading security books in the hammock or doing laptop stuff from the deck. So what’s cooking? I re-encountered a tool I first learned about from Russ ...

A New Communications Protocol

As information security professionals, a common refrain we hear is how difficult, but essential, it is to communicate the whys, hows, and whats of security to management, other business units, partners, vendors, customers, etc. Whether it’s meaningful security metrics or why compliance is just the beginning of the whole security ...