Sonny Discini

Is GRC just another industry acronym or is this the one we’ve been waiting for? Over the past decade, we have all been bombarded with the latest and greatest buzzwords, all designed to usher in a variety of tools and differentiate them from creaky old technologies. Given that Lucy has yanked the proverbial football away […]

As security practitioners we’re always looking for ways to secure the enterprise and all of the assets within. Many times, we focus inward when analyzing anything that may influence the security stance of the enterprise. But what happens when external, global influences impact your enterprise and all those you do business with? This is exactly […]

When we were all introduced to the PCI standard, organizations right down to mom and pop operations were hopeful that the regulation would address many of the security issues involved with payment cards. Before long, security pros in the trenches realized that the initiative added a slew of technical difficulties while executives realized the crippling […]

Over the past few years, I’ve read many articles bemoaning huge losses due to corporate security incidents. I would often ask myself, “How could this have happened?” After recently attending a security conference, I believe I’ve found the answer. I sat in a room full of members of the C-suite. For those not up on […]

My oldest daughter finally won the war and got her hands on an iPhone. As she finger swiped her way through heavily animated touch screen menus to show me why this thing was so cool, it got me to thinking about IT and IT security. Since she got the iPhone, she hasn’t touched a computer […]

Many of us have been frustrated when dealing with the legalities of security. Most of the time, after pursuing an issue down to the cause, we find that we have no way to levy consequences against the offending party. It feels even worse when companies who were less than careful while handling and storing your […]

Many are resisting upgrading to Windows Vista. Reasons range from performance issues to the general perception of few, if any, value added features. Unfortunately, many Windows users are being forced into Vista by large OEMs such as Dell. By the end of December, XP will no longer be an option when purchasing a new PC. […]

ITSec shops all over the country have been engaged in the tedious job of interpreting regulatory compliance requirements. In addition, many are faced with huge unforeseen capital investments in technologies in order to begin engineering an enterprise solution to address compliance. Even with these factors in play, more people are facing pushback from all levels […]

IT security shops are running on tight budgets these days, and operational departments are getting by on even less. Given that resources are spread thinner each year, managers and personnel alike are getting very creative when it comes to finding solutions to their problems. If you’re not careful, you can be led away from your […]

If you haven’t heard of PCI/CISP by now and you accept credit cards then you better listen up. PCI/CISP has been a requirement since 2001 and yet we’ve found ways to “back-burner” compliance. We’ve distracted ourselves with a million other operational tasks and pressed for budgets to fuel those initiatives. Meanwhile, the criminals of the […]