I’ve been reading, with no small amount of interest, about the congressional hearings surrounding the Payment Card Industry Data Standards (PCI DSS) that took place on March 30th. Over the last six months, various incidents and data breaches have renewed discussion about the Payment Card Industry’s Security Standards Council and the value of PCI DSS. It all came to a head on Tuesday in various testimonies given to the Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology (or ‘SETCAST’ – see http://www.homeland.house.gov/hearings/index.asp?ID=185). I thought I’d take the opportunity to write my first blog post for Verizon Business to discuss why I think the PCI DSS is just fine.

(more…)