Oct 11 2010
Last week Gene Kim and I interviewed Mike Dahn about his views on PCI and why it’s important to him. This week we get to talk to Josh Corman of the 451 group and question him about the influence the Payment Card Industry Data Security Standards (PCI DSS) have on the security market as a whole. Josh also gives us more about the basis for the tension between Mike and himself.
There’s a lot of ground to cover between the views of Mike and Josh. Josh is not part of the day to day process of the compliance field. He doesn’t see the things that assessors see every day. But he does talk to C-level executives on a daily basis and he knows the perception that CSO’s and CISO’s have of compliance. He realizes that the perceptions of these leaders has a direct impact on their spending and therefore on what technologies recieve market share.
Mike, on the other hand, has been involved in PCI for a long time. He helped form much of the training that is given to each Qualified Security Assessor (QSA). He’s trained a huge number of QSA’s himself and continues to work in various special interest groups (SIGs) related to PCI. He’s invested a lot of his time into PCI and has a body of work to be proud of. He sees the changes PCI has brought to the merchant and service provider landscape and believes the changes are definitely more positive than negative.
Gene and I hope that, despite their very different viewpoints of the same issues, Mike and Josh can overcome the differences to understand what they have in common. The good news is, you only have one week to wait to find out. Four guys get around a table in Orlando, Florida, drink a bottle of good whisky and record a podcast; what could possibly go wrong?
Thanks again to Tripwire for making this series possible. We’re almost our goal of $1000 donations to the Electronic Frontier Foundation and Hackers for Charity. If you donate to either of these charities on our behalf, Tripwire will match, up to $1000. So please help us raise money for these two worthy donations. Leave a comment here after you’ve donated, send an email to email@example.com or use the hashtag #PCIHugItOut to let us know you’ve donated and Tripwire will contribute as well.