PCI-DSS is a practical standard if you comply with the spirit of the standard you will be well placed . By that i mean by implementing the controls in the standard so they are effective . For example monitor and tune the IDS and trip wire that the standard asks you to wack in instead of "set and forget" , update your SOE quarterly and modify systems to suit etc .
----
Sent using a Sony Ericsson videophone
About Me
- Matthew Hackling
- Matt runs his own security consultancy called Ronin Security. His focus is information security management and he has a keen interest in infrastructure and web application security. He's a CISSP and the current Branch Executive of the Melbourne chapter of the Australian Information Security Association.
Labels
- AISA (1)
- australian information security market (1)
- career advice (1)
- causes (1)
- DoS (1)
- economics (1)
- FUD (1)
- futurism (1)
- information security governance (4)
- IPS (1)
- privacy (2)
- sacred cows (1)
- security patching (1)
- vulnerability management (1)
Handy Links
Twitter Updates
Matt's list of blogs
-
Dear America – How much is the tip?3 weeks ago
Blog Visitors
Lijit
InterSec - ISC2 CISSP networking portal
0 comments:
Post a Comment