Halock Blog


Author: Todd Becker, ISO 27001 Auditor, PCI QSA 
‘Chip and PIN’, or EMV (“Europay, MasterCard, Visa”), is an open-standard set of specifications for smart card payments and acceptance devices and is a popular topic these days with HALOCK’s PCI clients. EMV is not a PCI requirement. However, there is a ‘liability shift’ in October 2015 …


Author: Todd Becker, ISO 27001 Auditor, PCI QSA 
If you are a Level 1 or Level 2 merchant, complying with the Payment Card Industry Data Security Standard (PCI DSS) continues to get more complicated. The stakes have never been higher for large organizations that process payments. With major data breaches constantly in the headlines like Target, …

Why should every organization embrace secure development?

Author: Todd Becker, ISO 27001 Auditor, PCI QSA 
Secure development is not just for software companies and custom application development shops. Embracing secure development practices in IT and procurement functions within an organization ensures that reasonable and appropriate actions are exercised to achieve compliance with regulations and other security requirements. According to a 2013 …

PHEATS OF PHISHING – Will you be prepared when it happens to you?

Author: Todd Becker, ISO 27001 Auditor, PCI QSA 
Phishing is by no means a new topic in today’s news. But the increasing complexity and targeted nature of attacks have evolved to a level of sophistication that is even phooling knowledgeable members of the IT community. The end result could just be embarrassing, but it could also …

Has The OWASP Top 10 Been Effective For Web Applications?

Author: Todd Becker, ISO 27001 Auditor, PCI QSA 
OWASP just released a new Top 10 for 2013, updating the list of key web application security weaknesses to reflect the evolution of the highest risk vulnerabilities. While everyone loves a good top 10 list, the fundamental question I wrestle …