Posts by Tim Holman

Euronet reports breach at European business

Payment processor Euronet Worldwide Inc said a “small portion” of its European business was the target of a criminal security breach late last year, sending its shares down as much as 6 percent… - http://www.reuters.com/article/2012/01/23/us-euronetworldwide-idUSTRE80M2ET20120123 What’s worrying here is that when you’re dealing with a payment processor, even a “small portion” can add up to a huge number [...]


Top Five Security Predictions for 2012

To get 2012 off to a start, I have five security predictions for the year ahead: 1) Brownouts I predict a major brownout to occur during 2012.  By brownout I mean a critical failure in a key system due to over-capacity, with far reaching consequences.  Something somewhere is going to be overloaded and fail spectacularly [...]


Being compliant doesn’t make you secure…

I’ve been to a few talks lately and it seems to be a growing theme. People think that being compliant doesn’t make you secure, and that to be “secure” you need to exceed what you are doing at a compliance level. I have to say I disagree, and I wish people wouldn’t keep quoting such [...]


ISSA-UK Event – Trends in Information Security, Leeds

Our next ISSA-UK event is on Tuesday 22nd November, 2011, at PWC in Leeds. Information Security / Computer Security changes and evolves constantly. What are the latest trends? ISSA brings you some thoughts on potential issues which we need to consider as a part of the corporate security strategy. Agenda: 16:00 Registration 16:30 Introduction, Les [...]


ISSA-UK Microsoft Security Day, London 13th Dec 2011

ISSA-UK and Microsoft have arranged a Microsoft Security Training Day on Tuesday December 13th, 2011. The aim of Security Training Days is to educate delegates about new developments in technologies and solutions that will help them in their day-to-day security roles. This event is worth 5.5 CPDs/CPEs to contribute toward your ongoing security training [...]


Incident Response Training – Bristol, Wed 9th November 2011

ISSA-UK are holding their next training workshop in Bristol on Wednesday 9th November, 13:30 – 17:30. This is essential training for anybody with full or partial responsibility for Incident Response Management within their respective organisations. You will be hearing from our highly experienced workshop leader, Adrian Wright, ex-CISO Reuters and CEO/founder of Secoda, who has [...]


Risky Business and Quick Win Compliance

I ran a couple of sessions at RSA Europe 2011 to talk about PCI DSS and Risk Based Compliance. What struck me was the make-up of the audience. One or two years ago, I could have put good money on the make-up of the audience being 90% merchants, but now, an equal balance [...]


Taking a Risk Based Approach to PCI DSS Whilst Still Checking the Boxes

I’ll be talking about PCI DSS and Risk Based Approaches at RSA Europe this week, Thursday 13th October at 13:00 – 13:50. If you are planning to attend, it would be great to see you. If you can’t make it, you can download my presentation here: GRC-304 – Taking a Risk Based Approach to PCI DSS [...]


Risk, Risk Management and PCI DSS, part 2

You might have noticed things have gone a little quiet round here, as my last blog post seemed to get me into a spot of trouble… Anyway. It’s certainly not my style to tread on the feet of a major UK acquirer and in the end I was asked to remove the names of the [...]


Risk, Risk Assessments and PCI DSS

We all know what risk is. It’s like stepping outside of the house in the morning, looking up at the sky, working out whether or not you think it’s going to rain and then working out whether or not it’s going to rain enough to warrant taking an umbrella, full waterproofs or avoiding the rain [...]
