Nearly a year following the disclosure of a Heartland Payment Systems data breach affecting 130 million credit and debit card holders, the debate over the effectiveness of basic compliance continues to rage, reports Computerworld. Critics point out that mere compliance with the Payment Card Industry (PCI) Data Security Standard is never enough, and that the routine method hackers used to access Heartland's system underscores the futility of relying on baseline standards. Gartner privacy and security analyst Avivah Litan told the magazine that the breach served to offer "stark realization that passing a PCI security audit does not make a company secure. This was known well before the breach, but Heartland served as a big pail of ice water thrown on the face of companies complying with PCI."
Full Story
Comments
If you want to comment on this post, you need to login.