Monday, March 17, 2014

PCI Compliance Is -Still- NOT Security.

Target was certified as "PCI compliant" in September 2013.  In December 2013, they lost the credit card numbers and other personal information of more than 40 million of their customers to hackers.

PCI Compliance Is NOT Security!  Sorry for repeating ourselves.

Read more: Target's compliance certification and subsequent breach.

Tuesday, March 4, 2014

When Startups Forget To Lock Their Doors.

This is a HUGE target-rich environment for cybercriminals. Companies spend money building their products, their sites, and their customer bases. But, they completely forget (or perhaps remain willfully ignorant to) the need for effective cybersecurity.  Startups (and even more established companies) spend millions on development and marketing, but they host their sites on $59/month "cloud-based solutions."  It's absurd, and the criminals know (and love) it.

Source: NYTimes (