Forrester just started calling lost credit card numbers “toxic asset”. Since when is data that is publicly available toxic?
Read more »I’ve been saying for a long time now that compliance standards like PCI DSS 1.2 have created a marketing franchise for auditors instead of improving security. Empirical evidence of the past 2 years suggests that compliance focuses on meeting auditor requirements instead of assuring actual security of your systems and customer data assets. Here’s an …
Read more »