Just got back from London (and I feel fantastic!), and they are really taking an interest in PCI. I found it very interesting that many of the Big 4 are still heavily involved in providing advice about PCI even though they are not Qualified Security Assessment Companies. The funny thing is that the UK seems to be where the US was about three years ago. Still in the discovery phase, and not a ton of C-level attention yet. Until Visa, Inc. puts something like the Compliance Acceleration Program in place over there, it will likely have a very slow adoption rate.
Hopefully Visa will give people at least 24 months notice, and the banks will over-communicate with their merchants so there is not a huge panic 6 months before the deadline.
Possibly Related Posts:
- PCI DSS 4.0 Released plus BOOK DETAILS!
- PCI Council Loses $600K in Revenue, PO Population on the Decline
- Why PCI DSS 4.0 Needs to be a Complete Rewrite
- Orfei Steps Down
- Should you be a PCI Participating Organization?