“Compliance and PCI are going to be like Y2K for VARs,” Steven Harper, vice president of business development for StillSecure, a Superior, Colo.-based security vendor. “Eventually, there’s going to be more and more and more dealing with what are the compliance issues.”
The article calls out the extension of the PCI DSS process lifecycle from two years to three as the hinge upon which this opportunity turns, with vendors who can consult and upgrade client systems leading the way.
Growing awareness of the DSS among the merchant community is identified as the impetus behind client inquiries and demands of existing providers. Additionally, the article indicated that those merchants with few resources to manage PCI compliance themselves may be likely prospects for outsourcing.
Patrick Bedwell, vice president of product marketing for Fortinet, a networks security vendor, said PCI requirements have evolved and it’s becoming more of a hurdle for companies to ensure their in compliance and could pass an audit if necessary.
“The evolution of the PCI requirements over time is really making it more difficult for people in the trenches to comply,” he said. “As threats are evolving, PCI requirements are evolving with them.
And for partners, that creates the opportunity to be a valuable trusted advisor and guide clients through the PCI maze.
“It’s not about a partner parachuting in with a fix,” Bedwell said. “It’s essential for them to be up on the latest requirements.”
For its part, Fortinet offers training and certification around PCI compliance for partners and is working to ensure its cadre of security VARs are armed with updated PCI knowledge.
“What’s interesting about PCI is it’s been placed for several years and there haven’t been many penalties enforced,” he said. “That’s about to change. Time is running out and organizations have to put these mechanisms into place.”
The article also indicates that enforcement of the DSS may soon be intensified as smaller merchants begin to look more inviting to hackers and data thieves.
