Religion, Politics, and PCI
July 2nd, 2009 by cmark Posted in PCI DSSAs we approach Independence Day, I thought it fitting to post a blog on politics and religion as they are such an integral part of our country’s rich history. It has long been said that politics and religion should not be discussed amongst mixed company.
People generally have very passionate and entrenched views on these topics and as such any discussion can quickly turn from a friendly debate into an ugly argument. For those who are not history buffs, our own country’s founding fathers did not always get along and had some famously heated debates about the direction of the new nation.
In reading through the various blog postings, tweats, and forums, I believe we are almost at the point where we may want to include “PCI” in the list of taboo topics to discuss over dinner. While I am obviously exaggerating for effect, the PCI is certainly a topic that causes passionate debate. I am one of those who has passionate views on the state of payment card security.
When reading the various blogs and forums one will quickly see that they run the spectrum from obsequious fawning to downright indignation and anger about the standard, the PCI SSC, the card brands, QSAs, and everyone in between.
While likely most people reading this particular blog have passionate views about religion, politics, and payment card security (PCI), it is open, impersonal, passionate debate that will continue to move payment card security forward. If I could envision a model for discourse within the payment card industry, it would likely be modeled after our friends in the UK House of Commons where impassioned debate as well as levity (and the occasional questionable joke) are the order of the day. If the House of Commons is too extreme of an example, then our own congressional debates can serve as the model. The important point to take from is that we should all strive to debate furiously, and passionately without taking or making it personal.
I have had opportunity to own a QSA firm, work at MasterCard, serve on the PCI SSC, and train QSAs. While I may not agree with the positions of each or any of the groups at one point or another, one thing I have learned is that each of these entities has very different pressures and challenges. From my own personal experience, I can say that I was absolutely dumbfounded at the complexity and challenges faced by MasterCard and all of the considerations that must be made when modifying the SDP or PCI DSS.
On that note, let the debates continue but lets not forget the larger picture. We all work in the payment card industry and are ultimately all working toward the same goal. While we may (and usually do) disagree on the direction of the PCI DSS or other programs, this is natural and necessary for the evolution of the standard and security within our industry.
If you have something to say and want to have it published in Secure Payments, please consider doing so. The magazine is open and we don’t have to agree with your position to realize that someone may find value in the article.
Have a safe Independence Day weekend!
![[del.icio.us]](http://images.del.icio.us/static/img/delicious.small.gif){kind=small}
Sorry, comments for this entry are closed at this time.