Former Congressman Does Not See Federal PCI Legislation Likely

Tom Davis, former US Congressman currently at Deloitte gave the keynote speech at the PCI SSC community meeting this week in Las Vegas. After some very interesting insights about how presidential job approval impacts congressional elections which is what drives much of Congress, he talked about the current climate on the hill for cyber security initiates, including legislation covering PCI. His view was there is benefit in congressional hearings to draw attention to the issue get the industry to look harder at its own initiatives, and such hearings will continue. However, there is no benefit to any congressman in pushing cyber security legislation of any kind until there is some kind of cyber Armageddon. He believes any federal legislation that covers PCI will not occur for the next foreseeable number of years. This is not to be confused with someone filing a piece of legislation. He ended by saying the private sector is way ahead of the government sector on both cyber security policy and implementation.