Jan 09 2009

PCI related blogging

Published by at 6:38 am under PCI

I recently asked on Twitter for names of blogs/bloggers who covered the Payment Card Industry and found a few new blogs thanks to the replies.  I started a list that came to a little under a dozen sites who cover PCI fairly regularly.  Well, my little list is blown away by a list of banking and payments blogs over at Payments News.com.  A lot of the sites they list don’t cover PCI, but the majority of them at least hit on it from time to time.

Here’s a link to their list and mine:

And to finish it off, here’s a good article about how to choose a PCI DSS QSA auditor.  James DeLuccia is basically telling potential clients to slow down and set some ground rules with the auditor and the company before you sign any paperwork.  Be certain you understand exactly what you’re getting and what you’re not getting with a particular auditor or company.  This article does assume you’re working in a company that’s big enough to have a separate Internal Audit department, but most of the lessons can scale down to a company with a security staff of one.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

10 responses so far

10 Responses to “PCI related blogging”

  1. Walt Conwayon 09 Jan 2009 at 9:23 am

    You might also add the PCI News and Information blog at the Treasury Institute for Higher Education: http://www.treasuryinstitute.org/blog. While focused on Higher Education, it covers issues of interest to many merchants and vendors.

  2. Jon Thomason 09 Jan 2009 at 10:23 am

    Kevin Prince at Perimeter eSecurity exclusively writes their blog. It covers all network security issues, but he does talk about PCI every so often. http://www.perimeterusa.com/perimeterblog.html

  3. Trey Fordon 09 Jan 2009 at 1:33 pm

    You may consider adding my blog, “Trey Ford – Security Spin Control” . You’ll find all sorts of banter from AppSec and Compliance, to Risk and Business, with some occasional other banter- and probably a higher PCI volume than I want to admit.

  4. Chris Hayeson 23 Jan 2009 at 7:47 am

    I often blog on PCI compliance. My thoughts are more from a merchant perspective.

  5. Mikeon 26 Jan 2009 at 9:29 am

    Martin, thanks for putting up this list. The more info the better. :)

  6. Martin (not that Martin, a different Martin)on 26 Jan 2009 at 10:57 am


    I know that this is from a competitor of your day job employer but I find it helpful…




  7. […] McKeay also has a list of PCI related blogs.  Please let me know if you have others that should be on the list.  The goal here is to […]

  8. Element Payment Serviceson 29 Jul 2009 at 2:17 pm

    Great blog, Martin, and a great list, too, of other PCI-related blogs. Would you be willing to add ours to that list? It can be found at: http://blog.elementps.com


  9. Bryan Johnsonon 29 Jul 2009 at 5:25 pm

    Thank you for the mention, Martin.


  10. Security Videoson 01 Sep 2010 at 2:14 am

    Fantastic blog Martin, it’s great to have a single place with a list for all the related PCI compliance information – which is a nightmare btw.

%d bloggers like this: