Thursday Dec 18, 2025
PCI DSS: Standards vs. Reality
In this episode of InfoSec Insider, Alastair Stewart and Tibor Laczko, both Senior Consultants and Qualified Security Assessors (QSAs) at URM, explore the theory versus the reality of compliance with the Payment Card Industry Data Security Standard (PCI DSS). Alastair and Tibor leverage nearly 30 years’ combined experience with the PCI DSS to discuss:
- Whether it would be cheaper to simply pay the fines instead of being PCI DSS compliant
- How often they see organisations treat PCI as a one-time project versus an ongoing programme
- The possibility of still suffering a breach while being fully compliant, and whether this has happened in the past
- The PCI requirements organisations struggle with most in practice
- How smaller merchants can cope with PCI requirements that were designed with larger organisations in mind
- The areas where PCI DSS lags behind current security threats
- And more.
Ask Alastair and Tibor a question: https://www.urmconsulting.com/podcasts/pci-dss-standards-vs-reality
If you enjoyed this episode of InfoSec Insider, you can leave us a rating and review here: https://ratethispodcast.com/infosecinsider
You can find more episodes of InfoSec Insider here: https://urmconsulting.com/podcasts
Brought to you by URM, the UK’s leading information and cyber security specialists.