Sep 19 2010

Defcon 18: The PCI Panel

Published by at 7:40 pm under PCI,Video

Waking up on the Sunday morning of Defcon to be on a panel about PCI after having been in Las Vegas for 5 days takes a lot of commitment.  Waking on Sunday morning to attend a panel on PCI, takes something else entirely.  Which is why I was so surprised to see a ton of people looking back at me from the audience when I took the stage with Jack Daniel, Dave Shackleford, Josh Corman, Alex Hutton and James Arlen.  And a book by Anton Chavakin (you have to watch the video to understand).  I consider every one of the gentlemen on stage with me to be a friend and it was a great honor to be in front of the crowd with them. Even if we do look like a bunch of hung over, middle age, geeks.  There was more interest in PCI and what it means to us than I would ever have expected.  With any luck we’ll be able to get this gang together to talk again, perhaps without the hangovers.

DEFCON 18: PCI – Compromising Controls and Compromising Security from James Arlen on Vimeo.

[Slashdot] [Digg] [Reddit] [] [Facebook] [Technorati] [Google] [StumbleUpon]

2 responses so far

2 Responses to “Defcon 18: The PCI Panel”

  1. […] Defcon 18: The PCI Panel ( […]

  2. Geoff Webbon 23 Sep 2010 at 10:35 am

    Interesting stuff. I certainly salute the passion but I wonder how constructive some of this is. Sometimes a check-box *is* exactly what organizations need. It’s a very poor way to keep your information secure, but at least it provides a basis to work from. The problem isn’t that PCI is a check-box, it’s that folks stop after they’ve done the minimum and got a tick in each box. It can at the very least get the purse-strings loosened. (I’ve seen some pretty creative work by good security teams to fit what they know they need to do into the overcoat and fake moustache of a PCI program, in order to get funding.)

    Yes, PCI hasn’t made credit card data perfectly secure, and maybe it hasn’t moved the dial as far as it should, but let’s remember what it was like *before* PCI.

    Thanks for posting it – sorry I missed it in person. :)

%d bloggers like this: