The Payment Card Industry Security Standards Council's participating organizations voted that third-party security assurance and best practices will be the two key areas for the PCI special interest groups to study in 2013.
The council maintains standards for protecting payment card data. In a change from past years, both special interest groups will begin studying their specific topic area in January, but will not report on findings at the same time, the council stated in a Nov. 28 press release.
One group will publish the third-party security guidance in 2013 and the other will publish the best practices for maintaining compliance in 2014.
The change will allow the PCI council to balance manpower and resources to focus on updating and delivering a new version of the PCI data security standard and payment application-data security standard in the coming year.
Any PCI member interested in participating in the special interest group projects can fill out the form on the PCI website by Dec. 15, the council says.
PCI organizations chose the two topic areas from a list of seven proposals established by members during the past year.
“It was certainly not an easy decision,” Bob Russo, general manager of the PCI council, said in the release. “We were pleased that once again we had a strong number of participating organizations identify the areas that they most need guidance around when it comes to protecting their card data.”
The special interest groups represent a key phase for the council because the groups’ findings often result in the eventual establishment of compliance requirements and guidelines, the council says.
Last year, the special interest groups chose card data security in the cloud and in e-commerce as its key focus areas.