
Jan 5, 2015

Hi everyone! Welcome to the very first episode of the Down the Security Rabbithole Podcast for 2015! On this opening episode, Jeff Man joins us to talk truth to power on PCI-DSS and shatter some myths for us.


In this episode

  • Jeff tackles some common misunderstandings about PCI
  • The crew discusses PCI – what’s right about it and what’s wrong about it
  • Jeff tells us why he believes if you’re secure you’re compliant, but if you’re compliant you’re probably not secure
  • The $64M question: Aren’t EMV, P2PE, and tokenization going to spell the end of PCI?
  • Jeff tells us what to look forward to with PCI DSS v3.0


  • Jeff Man (@MrJeffMan) - Mr. Man has 13 years of DoD experience (10 at NSA as a Cryptanalyst/Information Security Analyst), 18 years of commercial consulting – pen testing, vulnerability assessments, security architecture reviews, and 10 years as a QSA doing PCI (and yet he's never conducted a PCI audit and never been a CISSP). As a QSA he's been involved with most of the major companies that experienced breaches in the mid-2000s (Walmart, TJX, Heartland) so he can speak with some credibility about recent breaches in the past year or so.