Cisco Systems has been voted onto the twenty-one member PCI Security Standards Council (SSC) Board of Advisors. The official announcement from the council should come in early May. The Board of Advisors is elected every two years, with the last election being in 2007. In a nutshell, the PCI Security Standards consist of 12 main IT security requirements that work to reduce digital credit card fraud. The standard applies to the networks of all organizations that hold, process, or pass credit cardholder information. The PCI SSC Board of Advisors are there to represent the council members as a whole. To this end, council members meet on a monthly basis to discuss/resolve PCI DSS standard revisions, updates and technology issues. The influence these standards, and by extension this Board of Advisors, have on businesses and consumers around the world can be considerable. Here is how the PCI SSC defines the role of the Board of Advisors:
The Board of Advisors will represent the current roster of more than 500 PCI SSC Participating Organizations and will provide strategic and technical guidance to the Council, reflecting the varied perspectives of different global stakeholders. The Council views this input as critical to the ongoing enhancement of PCI SSC security standards. As a worldwide organization managing a global standard, the Council desires representation from EMEA, North America, Latin America and Asia Pacific to reflect the global nature of card data security threats. “The caliber of discussion and recommendations from the Board these past two years has provided us with critical feedback for the ongoing enhancement of our security standards,” said Bob Russo, general manager, PCI Security Standards Council. “We encourage all those involved in the payment process to become a Participating Organization and consider an elevated board position to continue shaping the next generation of PCI security standards.”The PCI SSC has a global membership of over 540 companies but only 21 of these are picked to serve on its Board of Advisors. Earlier this year the PCI SSC issued a call for nominations to fill the 14 seats coming up on their Board of Advisors. The PCI SSC Executive Committee appoints the other seven seats. The last time this was done over 100 organizations, out of the then 200 members, were nominated. Needless to say this is a very competitive process. The PCI security Standards Council describes the goals of its security standard as follows:
The PCI DSS, a set of comprehensive requirements for enhancing payment account data security, was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. Inc. International, to help facilitate the broad adoption of consistent data security measures on a global basis. The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data.With this election, Cisco and Cisco customers will now have a more direct connection and influence on the current and future PCI DSS standards. This is sure to be especially appreciated by Cisco’s retail and healthcare customers. Cisco will be appointing Christian Janoff as its primary representative and Terri Quinn-Andry as its alternate representative to the Board of Advisors. For more information on PCI Security Standards see my previous blog here https://www.networkworld.com/community/node/22442 Also, check out the PCI in Healthcare Podcast to learn from those in the trenches how they are dealing with PCI. http://www.networkworld.com/community/node/34913 The PCI Standards website is located here https://www.pcisecuritystandards.org/ What are the top changes you would like to see in the next revision of the PCI Security Standards?
The opinions and information presented here are my PERSONAL views and not those of my employer. I am in no way an official spokesperson for my employer.
More from Jamey Heary: Credit Card Skimming: How thieves can steal your card info without you knowing it Cisco enters the crowded AV and DLP client marketCisco’s new ASA code allows you to securely take your Cisco IP Phone with you anywhereCisco targets Symantec, McAfee with its new antivirus client Google’s Chrome raises security concerns and tastes like chicken feet a>Go to Jamey’s Blog for more articles on security.*
*
*
*
*




