Excerpt from: IT Compliance
|
 |
| April 17, 2008 | | PCI Security Standards Council GM addresses PCI compliance in Computerworld one-on-one interview | PCI Security Standards Council general manager Bob Russo was recently interviewed by Computerworld's Jaikumar Vijayan about the PCI Data Security Standard (PCI DSS). While Mr. Russo doesn't completely tip his hand to what's going to be in the updated version/revision of the PCI DSS released in September, he does indicate there will be more specifics around wireless and the guidelines for qualified secuirty assessors (QSAs). You also can't help but wonder if the updated version of the specification will be addressing more around file integrity monitoring, and even fixed-function devices that ofter serve as the entry point for cardholder information. This is a good read for those interested in the PCI standard. Mr. Russo addresses what he sees as the ambiguous controls, where the liability falls after a breach, and provides his perspective on some of the recently publicized breaches. Tony Thompson
tthompson@solidcore.com | | |
|
|
