PCI DSS Trends 2010: QSA Business Report

Established to protect the security and integrity of card payment systems, the Payment Card Industry Data Security Standard (PCI DSS) is designed to evolve in response to new threats and a changing business environment. In October 2010, the PCI Security Standards Council (PCI SSC) is set to release an updated PCI DSS. Certified auditors known as Qualified Security Assessors (QSAs) are critical to the success of the program and have a unique perspective on the standard’s future and opportunities for improvement. Commissioned by Thales, Ponemon Institute surveyed 155 QSAs worldwide to see where the standard is headed and how the program can be improved.


Key findings of the survey include:

  • Clarifications on the use of encryption and key management are the most anticipated
    changes in the next PCI DSS release. Using encryption is one of the most effective means
    for achieving compliance, but questions linger about how to treat encrypted data in
    audits.
  • Tokenization is the new technology most likely to be addressed in the next PCI DSS
    release.
  • Tier 1 merchants are paying over $122,000 more on average for QSA assessments than
    Tier 2 merchants. While most card brands today require Tier 1 merchants to have onsite
    audits, Tier 2 merchants do not have the same mandate. On average, Tier 1 and Tier 2
    merchants are paying $225,000 and $103,000, respectively, for annual QSA assessments.
