StorefrontBacktalk - How To Sell PCI To Business Units.

Great post about how to get attention internally for information security and PCI projects.  Too often, info. security is seen as an IT problem or an Audit problem and the truth is, it’s a BUSINESS ‘problem’ that needs to be understand and addressed through business terms.

What we’re really talking about is ‘brand’ security - providing your customers peace-of-mind and a level of comfort that supports your brand in their purchasing universe.  Brand relates to sales, profits, marketing, etc. and brand is going to be immediately affected if a breach or similar security ’situation’ occurs.

Information security isn’t something that should have to be sold internally at retailers and hospitality providers, but, in some cases, it apparently needs to be related in the right context to the right people…