As I wrote yesterday, the PCI Community Meeting discussions are interesting and useful. Many have asked me to provide insights on the actual changes to the specification and especially on section 6 and 6.6 (ensuring that all public Web-facing application are protected against known attacks), section 10 (track and monitor all access to network resources and cardholder data) and section 3 (protect stored cardholder data).
While we still need to respect the embargo on disclosing the actual details of the PCI DSS 1.2, there are few insights that I can share regarding the community culture and the spirit of this event. As you can see below, section 6.6 can also be used as an opening sentence when one is looking for new friends...
As soon as the embargo is lifted, I will share our thoughts and insights. And for more insight into the world of the PCI QSA, I encourage you to attend our upcoming webinar, "The Inside Story of PCI: Confessions of a QSA."
While we still need to respect the embargo on disclosing the actual details of the PCI DSS 1.2, there are few insights that I can share regarding the community culture and the spirit of this event. As you can see below, section 6.6 can also be used as an opening sentence when one is looking for new friends...
As soon as the embargo is lifted, I will share our thoughts and insights. And for more insight into the world of the PCI QSA, I encourage you to attend our upcoming webinar, "The Inside Story of PCI: Confessions of a QSA."
Leave a comment