The 5 claims of PCI DSS snake oil salesmen
By Rajesh Rajamani, Solidcore Systems
The Payment Card Industry Data Security Standard (PCI DSS) is fast becoming the de facto standard for securing critical infrastructure across many industries. This is because a large number of businesses (much larger than originally envisioned) process credit cards and are, therefore, required to be PCI compliant. The PCI DSS, unlike other regulatory regimes, codifies best practices through precise and specific requirements for implementation and compliance audits. The recent spate of data leaks and security breaches has also sparked a sense of urgency amongst businesses to become PCI compliant in the hope that the implementation will improve their security as well.