Welcome
It is important to differentiate between the PCI DSS, which is a set of best practices that represents the baseline for security in the payment card industry, and the job of securing confidential data and protecting customers, which is the responsibility of information security departments – one is a compliance issue that happens to be about security, the other is a security issue. In other words, PCI DSS compliance in itself does not constitute a sound security strategy; it means simply that a company has met the standards required of it. However, although compliance and security are separate issues, they are often commensurate: a sound security strategy should encompass the 12 requirements of PCI DSS while going beyond it where necessary.
On this site, you will find a wealth of information that will help your organisation develop a sound strategy for achieving compliance and securing its assets in our Knowledge Centre. You can also find news of up-and-coming PCI Security events and details of past events. Finally, we have an extensive directory of key organisations that you may wish to contact either for the purposes of achieving compliance or securing your assets.
|
In Autumn 2010 there will be a major update of the current PCI Data Security Standard. With major deadlines approaching, companies are looking for answers that will help them reach compliance in a way that keeps costs down, while at the same time gaining maximum value from investment.
The agenda for events in 2010 will focus on identified needs within specific markets to provide the information that merchants, payments processors and acquirers need now, while also helping organisations prepare for the impact of technologies or requirements that may be mandated to deal with specific challenges in the future. Next Event:
22 June 2010
Forthcoming Initiatives in 2010:
|
