French Caldwell

A member of the Gartner Blog Network

Entries Categorized as 'Standards'


The Myth of EMV

by French Caldwell  |  March 25, 2014  |  7 Comments

Like most of us, since the Target hack, I’ve heard statements on how EMV is THE answer to credit card fraud, and how it’s been working great in Europe which has had it for 20 years.  If the business case were so compelling, wouldn’t EMV have made the trip across the Atlantic a long time […]

7 Comments »

Category: Cybersecurity fraud Standards     Tags: , , ,

Time to Stop Misusing SSAE 16 in Vendor Marketing

by French Caldwell  |  October 9, 2012  |  5 Comments

Some vendors and their auditors appear to be misusing SSAE 16 the same as they did SAS 70. For example, today I saw an announcement from security vendor Prolexic with the headline, “Prolexic Completes SSAE 16 Examination for Distributed Denial of Service (DDoS) Attack Mitigation Services.” SSAE 16 (aka SOC 1) like SAS 70 before […]

5 Comments »

Category: Cloud compliance GRC Standards Vendor Contracts     Tags: , ,