NIST's Ron Ross sees complexity as the biggest risk enterprises face. To ease risk, Ross favors moving data to the cloud. Purdue's Eugene Spafford doesn't fully subscribe to Ross' plan. The two square off in this interview.
Organizations outsourcing card data management to the cloud face significant security risks. How should they prioritize risks when reviewing cloud-vendor solutions? The PCI Council's Bob Russo offers insight.