Syndicated Blog

Suspicious Minds
Information Security Musings

My Oh My, PCI!

In my work, I’m often engaged with merchants in different verticals, doing PCI assessments. This frequently involves assisting them with their PCI Self-Assessment Questionnaires (SAQ). It’s an interesting process because the merchants ...

Keeping it Real

2012 has been a very busy year for me, so far. Last winter I took and passed the ISACA Certified Information Security Manager (CISM) exam and in February, got a plane ride ...

Change is the Only True Constant

Change is good.  Sometimes it can be painful and it may take a while to get some perspective and realize you’ve grown.  It’s all part of the process and I’ve learned to ...

2010 Rearview Mirror

January is a time of reflection and renewal, thinking about the past year and the present one.  We use this time to measure ourselves and set or renew goals, pointing our inner ...

Cleaning the Mental Gutters

No, I’m not thinking about porn or any other nasty stuff, just reflecting that like during Fall when we clean our house gutters, it’s appropriate to think about how we think and ...

Incident Response & Catching Kittens

The other night, while my wife and I were walking Daisy, we had an ‘incident’ to respond to.  Not computer related, but the principles of incident response still apply.  Someone decided that ...

Sum Sum Summertime!

The calendar says it’s Summer although here in the Pacific Northwest, we’re not sure ~ it’s a cool Summer, which makes it fine for reading security books in the hammock or doing ...

A New Communications Protocol

As information security professionals, a common refrain we hear is how difficult, but essential it is to communicate the whys, hows, and whats of security to management, other business units, partners, vendors, ...