Companies are beginning to look at PCI more strategically, applying the same protection measures that they use on card data on the rest of the sensitive personal data they hold. The community meeting offered ample opportunity for discussion of PCI guidance, consensus, clarity, best practices and examples. 2010 is the year for the next expected update of the PCI standard, says Matt Davis, Audit and Compliance principal practice lead at SecureState, a Cleveland, OH-based risk management assessment firm. “There needs to be more discussion, more information sharing,” Davis says.”]
Source: https://www.govinfosecurity.com/blogs/impressions-from-pci-community-meeting-p-312