The Real Cost of Data Breach

April 16, 2009 • Published Categories Archive Tags , , , , , , , ,

(It’s more than you think—and you’re more at risk than you know.) Confusion. Denial. Plain old wishful thinking. That’s what we hear when we talk to people about the real cost of data breach. Whether you’re an ISO, an acquirer, or a merchant, maybe you’ve … Read more

Is PCI Compliance a Law? Should it be?

February 27, 2009 • Published Categories Archive Tags , , , , , ,

Is PCI compliance a law? The short answer is no. The long answer is that while it is not currently a federal law, there are state laws that are already in effect (and some that may go into effect) to force components of the PCI … Read more

Security vs. PCI Compliance

January 30, 2009 • Published Categories Archive Tags , , , , , , , , ,

Reading accounts of highly publicized data breaches over the last few months occurring in companies that are seemingly PCI compliant, begs the question, “does PCI compliance equal security?” The answer is, “it depends.” Unfortunately no business is ever completely secure, but companies can mitigate their … Read more

Data Breaches Part I – Is it Possible to Prevent the Inevitable?

October 22, 2007 • Published Categories Archive Tags , , , , , , , ,

The media’s increased focus on data breaches.  As the settlement terms of the most talked about data breach in 2007-the TJX data breach-are being assessed in the millions, the Media’s attention has only increased its focus on data breaches. Industry-specific guidelines and compliance measures, such … Read more

Data Breaches Part II: Five Steps to Manage a Data Breach

October 22, 2007 • Published Categories Archive Tags , , , , , , , , , , ,

Though a smaller data breach than its predecessors at TJX and ChoicePoint, the musical instrument company Bananas.com (Bananas at Large) was the victim of a hacker, who, according to published reports stole an administrative password by accessing Bananas.com systems as a remote user. What’s interesting … Read more