This is Anton Chuvakin original blog (pre-Gartner) that I will now use to backup my Medium blog content (2023+)
What is the point of said book? PCI is not really that difficult. Most companies have already or are in the process of becoming compliant. Tell me why I should buy this book.
Well, if you think thata) PCI is easy, andb) most people who needs to be compliant are either already are or well on the way becoming compliantand we for a second assume that these are actually true, then my answer is 'you certainly don't need to buy it.'However, these are assumptions are painfully and blatantly wrong based on my experience. On a sunny day :-) I might agree that PCI reqs are trivial for a seasoned security experts, but unfortunately not all companies who need to be compliant have one such person on staff...
Post a Comment