After launching last week the first reactions to the second version of the Payment Card Industry Data Security Standard (PCI DSS) have been voiced, with many experts in IT security expressing cautious confidence in the new regulations.
The development of PCI DSS 2.0 involved many industry bodies and is intended to help improve the level of security relating to payment card transactions made across the world, from debit and credit cards.
The PCI DSS will be finally implemented from the start of 2011, adding new penalties to the list of punitive measures that firms will face if they fail to adhere to its security rulings.
Security expert, Ron Gula, said that it is in the interest of businesses to take onboard the PCI DSS and use it as a foundation for future policies relating to network security and data loss prevention.
Mr Gula explained that the PCI DSS will not necessarily ensure security and so minimal compliance is less desirable than actually stepping up preventative measures to a greater degree than is required. Complying with the PCI DSS is seen as a good way to limit the impact of downtime and recover after a breach, according to Mr Gula.
Imperva’s Amichai Shulman, said that businesses and organisations can better support their wider security infrastructure by adhering to the PCI DSS. He explained that investment in added security would not just ensure that businesses were in line with its recommendations, but would have a wider ameliorating effect on an operation as a whole.
Earlier in 2010 a survey by Redshift Research found that a little over a tenth of UK groups dealing with payment card transactions actually complied to the previous PCI DSS. As a result many industry experts are welcoming the updated regulations and believe that the sooner they are here the better businesses will be able to ensure data protection.
There are many urging businesses to work with PCI DSS compliance rather than see it as a hindrance. Building strategies which allow for ongoing adherence to its rulings are seen as the most sensible routes to a more secure future.
