Chris Farrow talks about the changes ahead for the current PCI standard and how compensating controls should be used, why they are confusing and how to address compensating controls with your assessor. He is co-founder and vice president of the PCI Security Vendor Alliance. Farrow serves as the founder and director of the Center for Policy & Compliance, a research and advisory group created by Configuresoft.
Diana Kelley discusses some of the headaches companies are encountering during the compliance process and how to choose an assessor. Kelley is vice president and service director at the Burton Group, where she focuses her research on security issues, including compliance.
Dan Jones, director of IT at the University of Colorado, explains his school’s ongoing PCI compliance initiatives. Jones says compliance is an ongoing process.