David Froud has a great blog post out regarding his frustrations with PCI compliance and the industry’s lack of progress since he last did a Report On Compliance (ROC). I have to say that some organizations have made a lot of progress in this area. However there are, unfortunately, still way too many organizations that are putting more effort into figuring out how to dodge compliance or pawn it off on someone else than I would prefer.
PCI Guru 