There is a big difference between compliance and security. The PCI-DSS (Payment Card Industry Data Security Standard) is the standard against which e-commerce security is measured, and it is now gearing up for a major update at the end of the year.
Ahead of that update, the PCI Security Standards Council (PCI SSC) has issued new guidance on how organizations can better secure themselves.

"A lot of the exploits we're seeing today are older exploits that should not still be happening," said Bob Russo, general manager, PCI SSC. "This set of guidelines is an attempt by the community at large to make sure that people have guidance."

The link for this article located at eSecurity Planet is no longer available.