BreachExchange mailing list archives
Re: Do the Payment Card Industry Data Standards ReduceCybercrime?
From: "Sasha Romanosky" <sromanos () andrew cmu edu>
Date: Wed, 1 Apr 2009 13:45:14 -0400
Thanks for the tip! I think "cybercrime" might be too broad of an outcome to practically measure, but it's a geat question. Oddly, the subcommittee seemed to be under the impression that full PCI compliance is entirely sufficient to prevent a breach. I hardly think anyone, especially those from the PCI council, would make such a claim. The other thing I learned is that its really hard to be articulate (and correct) on the spot when pressed with questions in a house committee hearing. :) The archive video and transcripts are available at: http://hsc.house.gov/hearings/index.asp?ID=185
-----Original Message----- From: dataloss-bounces () datalossdb org [mailto:dataloss-bounces () datalossdb org] On Behalf Of security curmudgeon Sent: Tuesday, March 31, 2009 3:08 PM To: dataloss () datalossdb org Subject: [Dataloss] Do the Payment Card Industry Data Standards ReduceCybercrime? ---------- Forwarded message ---------- From: Anton Chuvakin <anton () chuvakin org> This is going on right now in live video here http://hsc.house.gov/about/schedule.asp , BTW. "*Tuesday, March 31, 2009 @ 2pm* *311 Cannon House Office Building* Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology Hearing *Do the Payment Card Industry Data Standards Reduce Cybercrime?* *Witnesses:* Rita Glavin, Acting Assistant Attorney General, Criminal Division, Department of Justice Robert Russo, Director, Payment Card Industry Data Security Standards Council Joseph Majka, Head of Fraud Control and Investigations, Global Enterprise Risk, Visa Dave Hogan, Senior Vice President and Chief Information Officer, National Retail Federation Michael Jones, Chief Information Officer, Michaels Stores Inc. The hearing will examine the effectiveness of the Payment Card Industrys Data Security Standards, which are security requirements for all businesses that store, process, or transmit cardholder data. These standards were established to reduce the number and size of data breaches, the proceeds of which may be used to fund terrorist activity." Live twitter coverage: http://search.twitter.com/search?q=%23pcihearing Ah, some would ask what is the score so far: Committee:1, PCI: 0 :-(
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) CREDANT Technologies, a leader in data security, offers advanced data encryption solutions. Protect sensitive data on desktops, laptops, smartphones and USB sticks transparently across your enterprise to ensure regulatory compliance. http://www.credant.com/stopdataloss
Current thread:
- Re: Do the Payment Card Industry Data Standards ReduceCybercrime? Sasha Romanosky (Apr 01)