The links are a little messed up, so you might want to wait until about 10AM tomorrow to take a look, but, my newest NetSPI post is up.
Also, if you are interested in understanding a bit more about how PCI impacts industries outside of retail and hospitality or in looking through some more technical posts on penetration testing and the like, I’d tune into the NetSPI blog.  The team has really embraced blogging and collectively we are putting out a very good mix of posts (at least I think so.)
Although …

So my first post for the official NetSPI PCI blog is up there and, true to form, it’s not of a technical nature - merely an observation on how far the impact of PCI reaches.  One of the things that I talk about is how the retail and hospitality communities have gone through something very close to the grieving process in dealing with PCI - now organizations outside of retail and hospitality are starting this process - and it’s just as painful for them as it was for the retail …

OK -
This must have been the article that Ms. Amato-McCoy had written to spark the little editorial that I also just posted about.
The article is about Staples and their Information Security Officer - Christopher Dunning.  It is nice to see that Mr. Dunning seems to have the ‘right’ attitude about security (so says me) and isn’t just looking at the endevour as something that needs to be checked off.
PCI is a budget-exercise.  It’s the ‘fundable’ buzzword that finance requires to attach money to security and to give intelligent, business-focused executives …