News

Critics Tear Into PCI Security Rules at Hearing

At a congressional hearing last week, federal lawmakers and retail industry officials contended that the PCI security rules have done little to stop payment card data thefts and fraud

By Jaikumar Vijayan, Computerworld

April 06, 2009 — Computerworld —

At a congressional hearing last week, federal lawmakers and retail industry officials contended that the PCI security rules have done little to stop payment card data thefts and fraud.

"I do want to dispel the myth once and for all that PCI compliance is enough to keep a company secure," said Rep. Yvette Clark (D-N.Y.), chairwoman of the House subcommittee that held the hearing.

National Retail Federation CIO David Hogan claimed that the rules -- formally known as the Payment Card Industry Data Security Standard -- are little more than a tool for shifting financial risks from banks and credit card companies to retailers.

But Bob Russo, general manager of the council that oversees PCI, insisted that, when companies implement it correctly, the standard is useful in protecting against data breaches.

PCI security rules

RESOURCE CENTER

buy a link »

E-GUIDE

Log Management in a Cyber World

With so many potential cyber villains poking around the gates, enterprises must have strong protections and pristine visibility into what's happening on the network. Explore the increasing importance of log management as cybercrime and other malicious threats grow.

» Read this eGuide

WHITE PAPER

Comparing Research in Motion and Microsoft Mobile Solutions

Organizations must look carefully at the requirements of mobile devices and accompanying middleware that can increase cost, complexity and administrative overhead. This white paper provides an independent analysis and detailed comparison of RIM and Microsoft's mobile solution.