The National Retail Federation is dead wrong about PCI

Ben Rothke and David Mundhenk question why the National Retail Federation (NRF) is trying to lawyer-up on PCI.

07/06/2016

Message in a PCI bottle - preserving message queue integrity
Tip

Final part in the series on achieving PCI compliance when dealing with message queues.

06/28/2016

The secrets of Israeli information security innovation

In my previous piece I provided some insights on how Israel has become an information security innovation powerhouse. In closing the topic, I’ll share some insights from Gadi Tirosh who is a managing partner at Jerusalem Venture...

05/11/2016

Israel government spurs innovation

See how Israel has become a leading player in the worldwide information security sector.

05/04/2016

Without information security processes, you are flying blind
Tip

When done well, the creation of an information security process catalog can provide significant benefits for an enterprise.

03/31/2016

Practical tips to ensure PCI DSS compliance when dealing with message queues
Tip

In this final piece, I will continue with some more detailed items on how to ensure PCI message queue compliance.

02/23/2016

A guide to the RSA 2016 conference

Going to RSA 2016? Failing to plan is planning to fail.

02/18/2016

How to ensure PCI DSS compliance when dealing with message queues
Tip

To queue or not to queue, that is the PCI question – part 2 by Ben Rothke

02/11/2016

CyberTech – The Golden Globes of information security

Here are some of the most interesting firms I met with while at the CyberTech conference.

02/09/2016

To queue or not to queue, that is the PCI question

In the first of this three-part series, I will detail issues surrounding message queuing and how to ensure it doesn’t break your PCI DSS compliance effort.

02/04/2016

Live from Tel Aviv, it’s CyberTech

I attended the Cybertech Conference & Exhibition in Tel Aviv. Now that I have caught my breath, here’s my account.

02/02/2016

How physicians can do no harm using social media

In this article, I’ll offer some practical advice on how physicians and others in healthcare can use social media without running afoul of their HIPAA compliance office.

12/17/2015

Physicians and social media – where there’s no second opinion

A patient can post just about anything they want about a physician. But physicians may be violating HIPAA if they reply to their patient via social media.

12/14/2015

Ted Koppel’s new book tells a good story but lacks facts

In his new book Lights Out: A Cyberattack, A Nation Unprepared, Surviving the Aftermath, Ted Koppel offers a lot of doomsday scenarios, but not enough facts to ensure that this is placed in the non-fiction section.

12/02/2015

Why information security jobs go unfilled
Tip

In this 3-part series, I dealt with the issue of a shortage of people in the information security sector. In parts 1 & 2, I addressed why firms struggle to find quality information security staff. In this final segment, I’ll discuss...

11/16/2015

Don’t use general recruiters in salary negotiations

In part 1, I addressed why firms struggle to find quality information security staff. In this segment, I’ll discuss how recruitment can help or hinder that, and get insights from noted information security recruiter Tracy Lenzner.

11/09/2015

Prospective security employees see too many low-ball offers

In this 3-part series, I’ll deal with the issue of a shortage of people in the information security sector. While there are a number of reasons why firms struggle to find good information security talent, I feel there are two...

11/02/2015

Doing tokenization and cloud computing the PCI way
Tip

In our previous 2 parts to this article, we discussed various aspects of application security and PCI compliance. We conclude our series with a discussion of tokenization and cloud computing, and how to do it to make your PCI QSA...

09/24/2015

PCI, it's all about the app
Tip

In the first part of a three-part series, we gave an introduction to the need for application security, and firms that have in-scope PCI applications have a lot to do to ensure PCI compliance. In this and the final part, Ben Rothke...

09/10/2015

Application security needs to be shored up now
Tip

In this first of a three-part series, we will explore the connection between PCI and application security. Parts 2 and 3 will detail how to ensure PCI compliance for all things application security.

08/24/2015
