Compliance Management

Wal-Mart, Bank of America, Microsoft to be represented on PCI standards council

Bank of America, Microsoft and Wal-Mart Stores are three of 14 organizations that will make up the newly formed PCI Security Standards Council (SSC) Board of Advisors.

The board, which include merchants, financial institutions and credit card processors, will guide the PCI data security standard as it continues to gain widespread acceptance across the retail industry, Bob Russo, the PCI SSC’s general manager, told today.

He said the board will ensure the standard evolves with the latest threats and technology and includes "the things people want to see."

The board members, nominated and elected by some of the 200 organizations that makes up the PCI SSC, are leaders in the ever-expanding data security compliance front, Russo said.

"I think these people have had, by and large, the biggest experience with PCI, both with trying to get themselves compliant and with (other companies) looking to them to give them some sort of direction," he said.

The board's first task will be preparing an agenda for the upcoming inaugural PCI SSC Community Meeting, scheduled for Sept. 17 to 19 in Toronto, during which participating organizations, security assessors and scanning vendors meet to discuss the standard.

PCI is gaining momentum because data breaches are everyday news, said Russo.

"Had the breached firms been compliant, you wouldn’t have been reading about them," he said. "The industry is policing itself. We are doing it right. It makes sense that other people are going to want to buy into this."

Board members said in a statement that they were pleased to be associated with a group protecting the valuable information of customers.

Michael Cook, vice president and assistant treasurer of Wal-Mart Stores, said the PCI standard needs constant refinement.

"The industry’s efforts to maintain the safety of cardholders’ data will continue to be an ongoing challenge," he said.

Russo said the standard has been successful because it is "prescriptive." It clearly details steps that must be taken to achieve security, he said.

The other organizations making up the Board of Advisors are: APACS, the U.K. Payment Association; British Airways; Chase Paymentech; First Data; JPMorgan Chase; Moneris Solutions; PayPal; Royal Bank of Scotland; Tesco Stores; TSYS Acquiring Solutions; and VeriFone. Another seven members are expected to be named in the coming months.

Get more IT security news. Click here for SC Magazine Blogs.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.