Conclusions from the second annual PCI SSC community meeting

The PCI Security Standards Council (PCI SSC) announced that more than 550 attendees from over 325 organizations met at the Council’s second annual Community Meeting, in Orlando, Florida, to provide input and analysis of the newly released 1.2 version of the PCI DSS and other payment card security standards. This represents a 71 percent increase in attendance from 2007. The highly anticipated event, held from Sept. 23-25, welcomed the Council’s participating organizations and assessment community contributors.

Topics discussed at the Orlando meeting included the release of the PCI DSS version 1.2, updates to the PA-DSS and PED Security Requirements, special interest group reports on wireless and payment card pre-authorization security, the introduction of a quality assurance program for the QSA community along with keynote addresses from the Department of Justice and Forrester Research.  These interactive sessions gave participants key information as they continue with their PCI standards implementation.

Because of the dramatic increase in participation in the Council, this year’s community meeting in Orlando will be followed up with a second community meeting in Brussels, Belgium, October 21-23, 2008. This second meeting will enable participating organizations and the PCI assessment community to engage with the Council at an additional venue.  More than 120 delegates have already registered for this additional meeting.

In addition to the more than 500 participating organizations, the Council has 147 approved scanning vendor (ASV) companies and 164 qualified security assessor (QSA) companies that help ensure continued compliance with the PCI DSS.  The Council also approves payment application QSAs (PA QSAs) as part of the PA-DSS program.  Together, the assessment community and participating organizations, at the community meeting and throughout the year help define and evolve the security standards to protect payment cardholder account data.