PCI Data Security Standard compliance is almost as popular in the tech media as Sarbanes-Oxley. A lot of the added attention probably stems from the relatively new standards -- and the fact that Visa has stepped up its enforcement efforts. (Actually, the payment card provider has eased its standards, but merchants attempting to plead ignorance of the compliance deadline will have no excuse, it seems.)
This morning Bloor Research's IT security practice leader comments on the flood of compliance solutions that always follows the enactment or adoption of new standards, as well as the wide range of vendor claims that accompanies the product flood. However, the newly formed PCI Security Vendor Alliance attests to the fact that PCI is introducing maturity to the IT security space, Nigel Stanley says:
The 50 or so members act as an anti-bull**** forum shooting down any excessive claims an individual vendor may make about their product solving PCI compliance issues over night. Vendors are probably in a better position to do this than most others as they will be faced with each other in a competitive pitch, so excessive claims will be subject to scrutiny.