After reviewing this article in computerworld, http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=317307, I am again stunned by the cluelessness of corporate executives. Answers aren’t always throw more hardware or software at a security problem. Looks like to me the Hannaford problem had one thing in common with all the other high profile breaches – the problem had to deal with people, the people INSIDE Hannaford, rather than some technical deficiency – although it looks like there may have been plenty of those. How did this company get through its PCI DSS assessment? It says it’s installing IDS – did it not HAVE one before?
