News

Critics Tear Into PCI Security Rules at Hearing

At a congressional hearing last week, federal lawmakers and retail industry officials contended that the PCI security rules have done little to stop payment card data thefts and fraud

By Jaikumar Vijayan, Computerworld

April 06, 2009Computerworld

At a congressional hearing last week, federal lawmakers and retail industry officials contended that the PCI security rules have done little to stop payment card data thefts and fraud.

"I do want to dispel the myth once and for all that PCI compliance is enough to keep a company secure," said Rep. Yvette Clark (D-N.Y.), chairwoman of the House subcommittee that held the hearing.

National Retail Federation CIO David Hogan claimed that the rules -- formally known as the Payment Card Industry Data Security Standard -- are little more than a tool for shifting financial risks from banks and credit card companies to retailers.

But Bob Russo, general manager of the council that oversees PCI, insisted that, when companies implement it correctly, the standard is useful in protecting against data breaches.

© 2009 Computerworld Inc.

PCI security rules

RESOURCE CENTER
Loading...
VIRTUAL CONFERENCE
Security Directions: A Virtual Conference

Security Directions Available On Demand Sept. 30 - Dec. 30

Join us for a virtual event with candid, expert information on top security challenges and issues - all from the comfort of your desktop.

» Register Now

WEBCAST
Protecting PII: How to Work with IT to Manage Risk

Compuware Understand the critical nature of the test data privacy problem and get tips on how to work with IT to implement a test data privacy program.

» View this Webcast

Featured Sponsors