We notice you are visiting from a U.S. Internet provider. 
15/03/2010 -
Although the PCI Security Standards Council is currently evaluating new payment processing technology for potential inclusion in the new PCI DSS to be released in October, none of the technologies will be a silver bullet for compliance, reported PCI SSC general manager Bob Russo.In an interview with Bank Info Security's editorial director Tom Field, conducted at the IT security-based RSA Conference held the first week of March in San Francisco, Russo reiterated the council's party line, which is that businesses should prioritize security instead of compliance.
"If you are secure, compliance comes along as a byproduct; so that's a good thing," he told Field. "You need to understand that this needs to be built into your DNA and that you need to do this on a daily basis. You need to live, breath, eat, sleep, not PCI, but security, and if you let your guard down for one second that is when things happen."
Awareness of this point was raised as a result of the massive payment processing breaches of Heartland Payment Systems and various other high-profile companies in 2008, in which the companies claimed that they were PCI compliant yet suffered breaches anyway.
