Highlighted alterations for version 3 of PCI DSS are presented.
Feedback from the PCI Council’s constituents, market response and the PCI development lifecycle combine to inform and develop a new version of PCI requirements (for compliance and certification).
There are several key issues that are highlighted by the PCI Security Standards Council, including: a focus on flexibility, to make compliance more accessible and easier to implement, better guidance and education, in general and specifically regarding passwords, as well as, security to be viewed as a collective responsibility.
ACY Securities Asia Trading Cup Returns for 2nd YearGo to article >>
According to Bob Russo, PCI SSC general manager: “Today, most organizations have a good understanding of PCI DSS and its importance in securing card data, but implementation and maintenance remains a struggle – especially in light of increasingly complex business and technology environments.”
With fraud as an ongoing threat, particularly to e-merchants, it is pleasing to see that PCI is evolving to assist merchants in their plights for improved security, specifically since businesses are losing large sums of money, for jam, in the absence of controls that adequately prevent cyber-theft. If merchants are struggling with “implementation and maintenance”, then we hope that PCI regulations develop to respond directly to merchant needs in this these spheres.