2018 North American PCI Community Meeting – Day Two Recap

Today was Day Two of the 2018 North American PCI Community Meeting. Read my Day One Recap here. Today started off really exciting, with a keynote given by Eric O'Neill - a story about FBI spy hunting calling out the common thread of insider threats. This is an issue that is certianly picking up steam, especially … Continue reading 2018 North American PCI Community Meeting – Day Two Recap →

2018 North American PCI Community Meeting – Day One

Today was Day One of the 2018 North American PCI Community Meeting. Today was a bit slower content wise as we had to deal with checking into the conference, and allowing some folks to fly in this morning. The day included two keynote talks, a third presentation, and a chance to visit the vendor showcase. … Continue reading 2018 North American PCI Community Meeting – Day One →

Vulnerability Scanning vs. Penetration Testing: What is the difference, and what is right for me?

Have you been hearing these terms thrown around by your IT or Compliance teams, but aren’t quite sure what they are talking about? This post aims to clarify the two types of testing, and provide some basic information to help identify which test is right for you.

Weekly Update #9 – Human Risk is everywhere

Recapping real world observations relevant to my recently completed SANS MGT433 course.

Weekly Update #8 – CONs and Security Awareness

2018 ISACA New England Conference This week I was fortunate enough to attend the 2018 ISACA New England Conference. Between catching up with clients and colleagues I was able to sit in on a few interesting sessions. The CISO for Verodin presented on the concept of continual control validation. The presentation was pretty interesting. The … Continue reading Weekly Update #8 – CONs and Security Awareness →