Governance is an important part. If the PCI SSC member companies want to ward off Government regulation, they need to be more transparent certainly. How is it that they could end up with such milquetoast controls as simply "encryption" or "web application firewalls" being equivalent to "source code security review" is a testimony to what happens in the smoke-filled rooms there.
Gartner analyst chides PCI Security Standards Council - IT Security News - SC Magazine US The Payment Card Industry Security Standards Council (PCI SSC) has taken two steps forward and one back by the creation of a new Board of Advisors, according to Gartner analyst Avivah Litan.
No comments:
Post a Comment