PCI Shrugged: Debunking Criticisms of PCI DSS

May 14, 2009

PCI DSS is imperfect, but Ben Rothke and Anton Chuvakin say the standard is in security’s best interest. Here they refute common complaints and criticisms of PCI DSS.

Ayn Rand’s 1,100-page treatise Atlas Shrugged deals with the concept of morality of rational self-interest. When dealing with information security professionals, there is likely no greater example of self-interest than the promotion of the PCI Data Security Standard (DSS).

PCI is a pragmatic standard which requires security-comatose organizations to wake up to their responsibilities. And while PCI is only required for companies dealing with credit and debit card holder data, its relevance is germane for any organization.

Continue reading …

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: