Dark Reading continues its obsession with physical security:
Network dude rassels potential bad guy, followed by a stern warning on what a scary world it is out there, cause physical attacks hurt.
Forgive me if I'm out of line, but why would I hire a network security guy to dress up as a maintenance dude to steal a laptop out from under an executive? Especially since there are skilled investigators who could get a signed confession and all his passwords from just talking to the accused. I wouldn't going to hire an investigator to secure my network, and I shouldn't ask a network security guy to conduct fraud investigations. I'm not going to hire the network guy to run my HR department either.
The Bank Lawyer celebrates PCI Awareness Month early, with his take on the TJX Incident. Nice run down of all the parties involved. His characterization of the consumer is incomplete:
The consumers' concern for nuance extends only to the following extent: "I see a sturdy live oak right over yonder. Let's get us a rope and hang him."The consumer is likely to be distracted by a shiny object on the way to the noose dealership, since he or she has no loss. Credit card numbers are becoming more a disposable commodity, unlike SSNs, HDL levels or Sudafed consumption. Coming this summer: Retailers v. Credit Cards v. Banks Smackdown at the Legislative Arenadome.
Photo from Henrier.