Incident Response Stories - Bill Swearingen - PSW #793
Security Weekly Podcast Network (Audio)
00:00
PCI Guidance for Merchants
The guidance from a PCI perspective is, you know, and I think most QSA's that I know would do the same thing. If you know it's a problem and it's a security problem, you can talk to the client and try to explain to them why from a security perspective, this is the right thing to do. It doesn't say you have to do it. But if something happens where you are breached and this becomes the issue, this was the point of exploitation or what was used to get to it, you're probably still going to get fined. So kind of like you're saying earlier, it's hard to come up with legislation that's going to force things.
Transcript
Play full episode
