IT Compliance Advisor

Apr 13 2009   7:08PM GMT

What does being PCI DSS compliant really mean?



Posted by: Scot Petersen
Tags:
compliance
data leakage
PCI DSS
podcast
Visa

There is a big difference between being PCI DSS compliant and being “certified” as PCI DSS compliant, says e-commerce expert Evan Schuman of StorefrontBacktalk.com in this edition of the IT Compliance Advisor weekly podcast. Because audit results can sometimes be subjective, the results could mean that some retailers may not really be compliant even though someone says they are, he says.

The PCI DSS specification is under fire for enabling such ambiguity. The House Committee on Emerging Threats, Cybersecurity and Science and Technology recently held a hearing on PCI and concluded that it has been inadequate in stopping credit card transaction data leakage. The administration of PCI DSS by credit card giant Visa is one reason, Schuman says. Find out more in this podcast.

Reblog this post [with Zemanta]

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: