If you’ve ever participated in a conversation about PCI with infosec professionals, you will most likely end up discussing the effectiveness that compliance initiatives have to the overall security posture of an organization. One of the most passionate experts on this precise topic is Josh Corman (@joshcorman on twitter), Security Analyst at the 451 Group.
If you’re not familiar with his points of view and the “No Child Left Behind” analogy, I recommend that you take a look at this videocast that Gene Kim (@RealGeneKim on twitter) and Josh recorded on “The Perils that PCI Bring to Security“.
Last week while at the PCI Community Meeting in Orlando, I got to work on another interesting project with Josh (more to come on this soon). I had opportunity to understand his perspective on compliance standards even better, and admire his commitment to help the infosec community become more educated, more secure and more innovative. He has been the “critical voice” on PCI, so I asked him if his opinions on PCI had changed at all after attending the Community Meeting, especially because he got the opportunity to see first hand some of the inner workings of the Council. So here’s what he had to say:
You can follow Cindy Valladares on Twitter @cindyv