PCI apathy

The PCI juggernaut continues to move slowly in some quarters. Our experience is that some companies are deadly serious and are being encouraged by their banks to be so, others are simply not interested. Many feel it's a bit like Y2K all over again.

"The same apathy applies to PCI, Alan Calder of IT Governance says: "Merchants in the UK simply haven't come under pressure from their acquiring banks to comply. We see Barclays trying to apply some pressure for merchants to comply, but most other banks are not... most companies realise that deadlines for compliance have slipped several times, and there is still no real idea of the level of fines that could be suffered in the case of a breach. So why would you spend the money, if your bank is not pressuring you, there is no obvious size of fine, and there are not obvious benefits to compliance?"