Thursday, July 02, 2009

Relation of PCI DSS to Security

Is Paris Hilton a slut? This is the age of universal Internet connectivity, web 2.0 or even “web 2.0+”, massive search engines and also atheism: this leads us to believe that “The Truth 2.0”  (OMFG!) is undoubtedly possessed by Google. If we can ask Google and then analyze its answer to determine with scientific rigor whether Paris Hilton is a slut, like was done here, why not ask the same source of “Google-given truth” about whether “PCI DSS” is related to “security.” Now, I always hear a lot of high-pitched whining from hardcore security folks that  “all those people just want to be compliant, not secure,” and so I wanted to call upon the higher power of Google to figure it out.



So, I ran these queries for “pci compliance” and “pci dss” in Google Insights for Search. Apart from some sexy visuals (no, not of Paris Hilton :-)), the interface shows you other searches related to your original query and also compares their relative volume. Here is what happened:

Search for “PCI DSS”:


Search for “PCI compliance”:


It is interesting to note that Google clearly thinks that “security” is related to “PCI DSS” as top related queries (after the synonym queries “PCI DSS”, “PCI compliance”, “PCI DSS compliance”, etc) are about "security. BTW, the relation algorithm is explained here: the key part is that “Our system [=Google] determines relativity by examining searches that have been conducted by a large group of users preceding the search term you've entered, as well as after.” Moreover, note than nothing else shows up in either list of related queries; pretty much just PCI terms (“visa”, ”credit card”, “requirements”, “dss”) and the word “security.”

Case closed? PCI DSS IS all about security!

BTW, on an unrelated note, did you also know that Paris Hilton qualifies as a platform? Well, you do now.

Dr Anton Chuvakin