PCI Isn’t Risk-based! (and other PCI myths)

As an infosec practitioner and QSA, I’ve been deeply involved in PCI since its inception. As a former educator (I taught high school social studies for eight years), I believe in the reductionist method for teaching complex subjects. In these articles I will combine my experience to deconstruct many of the problems – typically rooted …

Windows 7 support is ending. Are you prepared?

Our old friend Windows 7 is facing retirement on January 14 with the end of extended support. What does this mean for you? If you’re still running Windows 7, then you’re going to have issues in several areas, such as PCI, NIST, HIPAA, and GLBA, to name a few. In nearly every framework, standard, and …

Will It Take a Breach for You to Take the Next Maturity Step?

Everyone (er, almost everyone) has had the experience of growing up – maturing, if you will. You likely had people teach you and thoughtfully impart to you some knowledge. And, if you’re like me, you didn’t always pay attention. I had to make mistakes for myself to learn. When it comes to compliance and risk, …