Security experts warn of race to the bottom on PCI certs
Published 11 October 2007
Did you know that an organization has no legal responsibility to fix a vulnerability? Current laws stipulate the requirement that people be informed when data is breached, but there is nothing forcing a company to fix something before it leads to data being compromised
Security experts are grumbling about the Payment Card Industry Data Security Standard, saying that some merchants just want to get PCI-certified as cheaply and easily as possible
More Stories: