BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
The Payment Card Industry Security Standards Council (PCI SSC) is perpetually stuck between a rock and a hard place. As steward of the Payment Card Industry Data Security Standard (PCI DSS), its mission is to make the standard as rigorous as possible to ensure merchants protect precious cardholder data, yet it must constantly work to minimize the cost and complexity of PCI compliance in order to ensure merchants fully embrace the standard.
On the eve of the release of PCI DSS 3.0, SearchSecurity spoke with Bob Russo, SSC general manager, and Troy Leach, SSC chief technology officer, about the most important changes in the new version of the standard that debuts Nov. 7, 2013. Russo and Leach also offer their perspective on the most important milestones in the history of the PCI standard, and how PCI community feedback has shaped what the standard has become.