Hi,Don't miss the PCI SC Magazine eConference tomorrow March 22, 2011.
I will talk about the PCI Compliance versus Security perspective and share my view on the following :Is PCI a Compliance or Security Program?When: 22 March 2011 1pm EDTWhere: https://events.unisfair.com/index.jsp?code=SCW&seid=3262&eid=474Fee: FreeAbstract:This 3-letter acronym has significantly impacted the security and IT industry over the last years. Some consider PCI as a daunting undertaking, a source of constraints, stress and restrictions. For them,  PCI is at best a supplemental insurance hopefully preventing penalties. Others religiously believe that meeting PCI compliance requirements dramatically increases their overall security posture.In this Webcast, Didier Godart, Risk and Compliance Manager at Rapid7 and one of the co-authors of the first versions of PCI DSS will reflect on the current state of PCI. As PCI is spreading further and further into the realm of business decision makers, is it leading to a fundamental paradigm shift moving the discussion from compliance to true security? Can PCI itself be used as a strict security regimen? What are some areas for additional potential for PCI? Where are its boundaries? Looking for your comments and feedbacks. Please let us know your answer to the following question:How do you consider PCI ?a) as a compliance program.b) as a foundation for your company security?Didier GodartRisk Product ManagerRapid7