PCI DSS compliance will continue to be one of the most talked-about regulatory compliance initiatives for 2010, without question. First and foremost, data breaches are still occurring, companies are still losing sensitive cardholder data, and lastly, PCI compliance is finally (yes, finally) being taken seriously by merchants and service providers in today’s business arena.
As I’ve noted many times in previous posts, as a Payment Card Industry Qualified Security Assessor (PCI QSA), I’m seeing more and more organizations having to comply with PCI DSS, specifically with an on-site PCI DSS assessment. This can only be done by a QSA and can be quite an arduous undertaking, to say the least. As 2010 ramps up and eventually winds itself down, I fully expect many merchants and service providers to undergo an annual on-site PCI assessment, more so than ever before. Technology is here to stay, and cardholder data and the use of these small but powerful pieces of plastic are here to stay, my friends! Let’s do what we can to protect them.