Retailers try to push data responsibilities back to banks
Jack Lloyd
lloyd at randombit.net
Fri Oct 5 10:48:20 EDT 2007
On Thu, Oct 04, 2007 at 06:48:49PM -0400, Leichter, Jerry wrote:
> Prat Moghe, founder and CTO of Tizor Systems Inc., a Maynard,
> Mass.-based security firm, called the NRF's demand political posturing
> and said it would do little to improve retail security anytime soon.
>
> "I think a lot of this is about moving culpability back to the credit
> card companies and saying don't make this my problem alone," Moghe
> said. "They seem to have realized that going on the defense as an
> industry doesn't help. There is just more and more they have to do."
Amazingly, Tizor Systems does PCI reviews (actually they entirely seem
to do C&A work), and I'm sure Prat would prefer to see the PCI gravy
train stay around. (I don't know the current state of the industry,
but when I was working in a consulting group 2004-2005, PCI reviews
were our most profitable engagement type by a large margin - and
non-technical enough that you can put a person with a few months of
security training on them and they'll do fine).
-Jack
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list