Industry Adapation PCI Standards Going SLow

Darking Reading reports on PCI Standard adaptation that:

Yet after a year, only about one in five of the top 200 retailers has achieved compliance with the PCI specifications, according to comments made by Visa USA CEO John Coghlan at a conference last month. But one auditor says his figures indicate retailers aren't even doing that well: He shows only 25 of the leading 280 merchants in compliance.

I am just starting to read up on the PCI standard(s). They are not simple. I can definitely see where financial service providers that are good at executing complex security standards could have a competitive advantage over those that are not. This ties in well with Donn Parker's ideas on a non-risk based approach to Corporate Information Security programs.

2 Responses

  1. Hi,

    I`m just wondering what reports you were reading and where did you find them. I`m doing some research on PCI but need more current information.

    Thanks!

  2. Hi Christine:

    What I have been reading are internal documents from my current employer, but I can not pass those on.

    There is this Visa page:

    http://usa.visa.com/business/accepting_visa/ops_risk_management/cisp.html

    …and it looks like they have a link to the PDF of the standard:

    http://usa.visa.com/download/business/accepting_visa/ops_risk_management/cisp_PCI_Data_Security_Standard.pdf?it=il|/business/accepting_visa/ops_risk_management/cisp.html|PCI%20Data%20Security%20Standard

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: