Author Archives: Todd Becker

EMV (Europay, MasterCard, Visa): THE COMING SHIFT IN LIABILITY

Author: Todd Becker, PCI QSA, ISO 27001 Auditor

‘Chip and PIN’, or EMV (“Europay, MasterCard, Visa”), is an open-standard set of specifications for smart card payments and acceptance devices and is a popular topic these days with HALOCK’s PCI clients. EMV is not a PCI requirement. However, there is a ‘liability shift’ in October 2015 that […]

How To Find The Right QSA

If you are a Level 1 or Level 2 merchant, complying with the Payment Card Industry Data Security Standard (PCI DSS) continues to get more complicated. The stakes have never been higher for large organizations that process payments. With major data breaches constantly in the headlines like Target, Home Depot, JP Morgan Chase and countless […]

Why should every organization embrace secure development?

Author: Todd Becker, PCI QSA, ISO 27001 Auditor

Secure development is not just for software companies and custom application development shops. Embracing secure development practices in IT and procurement functions within an organization ensures that reasonable and appropriate actions are exercised to achieve compliance with regulations and other cyber security requirements. According to a 2013 Ponemon […]

PHEATS OF PHISHING – Will you be prepared when it happens to you?

Author: Todd Becker, PCI QSA, ISO 27001 Auditor

Phishing is by no means a new topic in today’s news. But the increasing complexity and targeted nature of attacks have evolved to a level of sophistication that is even phooling knowledgeable members of the IT community. The end result could just be embarrassing, but it could also […]

Has The OWASP Top 10 Been Effective For Web Applications?

Author: Todd Becker, PCI QSA, ISO 27001 Auditor

OWASP just released a new Top 10 for 2013, updating the list of key web application security weaknesses to reflect the evolution of the highest risk vulnerabilities. While everyone loves a good top 10 list, the fundamental question I wrestle with is, has the OWASP Top 10 been […]