I’ve been traveling a lot lately and, although I’ve read and had lots of commentary about a number of blog posts and news article recently relating to retail security, I haven’t had the time to write them down and post them…
So I’ve decided that I’m going to post a summary of the posts and articles that I’ve read over the last week or so that I’ve thought were interesting and relevant.  This isn’t what I’d really prefer to do - I’d much rather take the opportunity to rant about something …

This one has some significant implications for software security and the role & responsibility of technology vendors.  Here’s the link:
Radiant Systems and Computer World responsible for breach affecting restaurants – lawsuit
What’s most interesting to me in all of this is that fact that the restaurants seem to ‘get it’ - they understand the holistic impact of PCI on process, procedures, technology, etc. and, after being smacked around by the card brands for being the merchant where the breach occured, they have taken that holistic understanding and are working to hold …

StorefrontBacktalk - How To Sell PCI To Business Units.
Great post about how to get attention internally for information security and PCI projects.  Too often, info. security is seen as an IT problem or an Audit problem and the truth is, it’s a BUSINESS ‘problem’ that needs to be understand and addressed through business terms.
What we’re really talking about is ‘brand’ security - providing your customers peace-of-mind and a level of comfort that supports your brand in their purchasing universe.  Brand relates to sales, profits, marketing, etc. and brand is going …