The payment card industry data security standard (PCI DSS) calls for all financial institutions and merchants to protect their clients’ sensitive data, which typically includes the use of strong cryptography as dictated by PCI DSS requirement 3. Most organisations empty this burden on the IT department or IT management teams and hope all their compliance is covered. However, in most cases when there is a data breach, the burden lies on the shoulders of the C-level management, who are left to answer to the difficult questions.
Read more