The PCI Security Standards Council (PCI SSC), an open global forum for the development of payment card security standards, testified before the House Subcommittee on Commerce, Manufacturing and Trade on the work it’s doing to create global standards and resources that help businesses take a multi-layered approach to securing their customers’ card data.
At the hearing on ‘Protecting Consumer Information: Can Data Breaches Be Prevented?’ PCI SSC General Manager, Bob Russo, represented the Council and covered several topics, including:
- Data security best practices include a multi-layered approach involving people, processes, and technology;
- Moving towards EMV Chip technology is an important piece of improving data security, but it is not a complete solution in and of itself. Used together, EMV Chip and PCI Standards, along with many other tools will provide strong protections for payment card data;
- Data security is a complex, global challenge that cannot be solved by a single technology, standard, mandate, or regulation;
- The development of standards to protect payment card data is something the private sector is uniquely qualified to do.
“Congressional hearings this week underscored the complexity of data security issues and why businesses need to develop a multi-layered approach to protecting their customers,” said Russo. “The PCI Standards provide a strong foundation for this approach, helping organizations make payment security part of their everyday business practices by addressing people, process and technology. We look forward to continuing our role as a leader in this area and building on the thoughtful and constructive dialogue we heard this week to drive global payment security forward.”