This just in (OK, it’s really from a couple of days ago): Cybersecurity hearing highlights inadequacy of PCI DSS.
But I thought compliance = security!? And anything forced down our throats at the hand of industry bodies and government goons is all we need to manage business risks!?
Seriously…how long do you think we’ll continue to hear about this…ay yay yay?