Retailers try to push data responsibilities back to banks

Jack Lloyd lloyd at
Fri Oct 5 10:48:20 EDT 2007

On Thu, Oct 04, 2007 at 06:48:49PM -0400, Leichter, Jerry wrote:
> Prat Moghe, founder and CTO of Tizor Systems Inc., a Maynard,
> Mass.-based security firm, called the NRF's demand political posturing
> and said it would do little to improve retail security anytime soon.
> "I think a lot of this is about moving culpability back to the credit
> card companies and saying don't make this my problem alone," Moghe
> said. "They seem to have realized that going on the defense as an
> industry doesn't help. There is just more and more they have to do."

Amazingly, Tizor Systems does PCI reviews (actually they entirely seem
to do C&A work), and I'm sure Prat would prefer to see the PCI gravy
train stay around. (I don't know the current state of the industry,
but when I was working in a consulting group 2004-2005, PCI reviews
were our most profitable engagement type by a large margin - and
non-technical enough that you can put a person with a few months of
security training on them and they'll do fine).


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list