funsec mailing list archives
Re: The PCI sky *isn't* falling!
From: "Justin Scott" <admin () dtdns com>
Date: Tue, 24 Mar 2009 08:56:39 -0400
Safer as in having a lot of eggs in one attractive basket is safer than lots of less-safe but not-worth-hacking baskets? Safer as in "big companies don't get hacked"?
The problem is that the smaller sites are worth hacking these days. The larger companies are doing a better job, and the hackers have been making increasing attempts on smaller sites. I mean safer as in "at least the payment data is going to a company that knows what it should be doing than to one who doesn't know or care what a firewall is and don't understand (or want to understand) why they have to pay for it and everything else that goes with being compliant." That's not to say larger companies can't or don't get hacked (obviously they do), but overall I think the risk is lower because the people there have some knowledge of the risk where your average small business owner usually won't take the time to have a clue. -Justin Scott _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: The PCI sky *isn't* falling!, (continued)
- Re: The PCI sky *isn't* falling! Drsolly (Mar 23)
- Re: The PCI sky *isn't* falling! security curmudgeon (Mar 23)
- Re: The PCI sky *isn't* falling! Anton Chuvakin (Mar 23)
- Re: The PCI sky *isn't* falling! Amrit Williams (Mar 23)
- Re: The PCI sky *isn't* falling! Paul Ferguson (Mar 23)
- Re: The PCI sky *isn't* falling! security curmudgeon (Mar 23)
- Re: The PCI sky *isn't* falling! Drsolly (Mar 24)
- Re: The PCI sky *isn't* falling! Anton Chuvakin (Mar 24)
- Re: The PCI sky *isn't* falling! Justin D. Scott (Mar 23)
- Re: The PCI sky *isn't* falling! Drsolly (Mar 24)
- Re: The PCI sky *isn't* falling! Justin Scott (Mar 24)
- Re: The PCI sky *isn't* falling! Jon Kibler (Mar 24)
- security theater is useful, stop abusing it [was: PCI] Gadi Evron (Mar 24)
- Re: security theater is useful, stop abusing it [was: PCI] Benjamin April (Mar 24)
- Re: security theater is useful, stop abusing it [was: PCI] Imri Goldberg (Mar 24)
- Re: security theater is useful, stop abusing it [was: PCI] nick hatch (Mar 24)
- Re: The PCI sky *isn't* falling! David Harley (Mar 24)
- Re: The PCI sky *isn't* falling! Jon Kibler (Mar 24)
- why is certification useful anyway? [was: PCI] Gadi Evron (Mar 24)