Working on PCI: DSS at work atm, and I getting frustrated with the wishy-washy statements from our QSA and the PCI Council, that really don’t help me in convincing the exec that we need to take this seriously. They are under the impression that the PCI Council don’t really have any ‘teeth’ and so can’t really justify the spend to become PCI compliant, and in a way I agree.

So I decided to submit a petition on the petition website to ask that the government make it a legal requirement that companies become PCI compliant.

I don’t know if it will do anything but its worth a go, so when it gets approved and I get the URL, I will let you know what it is so you can sign it