Gartner’s Litan: “The moral of this story is, if you’re in IT, don’t go into retail” Part of the blame for Target’s breach may lie with whichever Payment Card Industry Qualified Security Assessor certified Target as compliant. Litan also criticized PCI assessors for having language in their contracts that precludes them from being held liable if a certified business they’ve certified as PCI-compliant later suffers a breach. “Why should the assessors escape liability? They’re the third-party experts who are certified to achieve PCI compliance””]
Source: https://www.darkreading.com/attacks-breaches/target-cio-s-resignation-7-questions