The PCI community has suffered a great loss with the passing of Dave Taylor recently. Dave had a vision of helping companies achieve not just the letter of PCI compliance, but the spirit of PCI compliance through better understanding and an open dialog amongst practitioners, auditors, users, business leaders and all other stakeholders. That vision and passion became the PCI Knowledgebase, billed as “the largest PCI research community.”
I first met Dave when I was invited to present a webinar on WebSphere MQ security to the PCI Knowledgebase community. By Dave’s standards the webinar was barely attended but as a conference speaker the numbers were about what I’m used to. I presented that webinar twice and have since heard back from many of the attendees that they are now including WebSphere MQ in their PCI assessments and that they are finding – and fixing – configuration issues. This is exactly the kind of thing Dave was trying to achieve and, although he was initially skeptical about the attendance rates, I know he was happy with the results.
The PCI Knowledgebase has pledged to continue in Dave’s absence and carry on his mission. If you are a PCI DSS stakeholder, please stop by the PCI Knowledgebase web site and check it out. It’s a great resource for anyone involved with PCI DSS and your participation is the best way I can think of to honor Dave’s memory.