Monthly ArchivesApril 2017

Have you noticed that there has not been too much (well, really any) bad press around the PCI ecosystem lately? Perhaps everything is great! Doesn’t seem like we’ve had the same string of retail breaches that we saw in 2014 (which lead to this piece of research), even though 2016 was bad (good?) in general for cybercrime. A quick data dump from PrivacyRights.org says there are around 100 related to cards since 2016, but some appear to be duplicates (Wendy’s is reported multiple times). Of course, we found out about more problems at IHG last week. Seems like big security bloggers still talk about breaches, but we don’t see the same questions around PCI DSS that we did in 2014-2015. Individuals certified or ...

The other day I was thinking about all the programs that the Council currently maintains and I wondered if it was possible to see how much money the Council actually brings in every year. I mean, every year seems to see more programs with more fee collection opportunities for the Council, but had anyone ever added all that up? So I got to researching. I started with the usual sources: LexisNexis, Hoovers, Dun & Bradstreet, and found very little information. Only one report by Dun & Bradstreet, who is notoriously inaccurate when dealing with privately held firms, of around $3.7M in 2016. Then I headed over to the IRS’s website to see if the Council had ever filed a form ...