You Really Think ROCs Should Be Made Public?

When we announced our joint PCI/Mobile report with Forrester last week, we expected to see some interesting reactions as we asked people to weigh in on several controversial issues. But the preliminary results were a bit startling. For example, most respondents so far have said they wouldn't change a thing about the PCI process, which is fascinating given how many nitpick complaints we hear about that process from retailers. (It's probably the best overall approach available, but you'd make no changes? Really?) The second most-selected PCI response (thus far) has been "making all payment card industry compliance reports public so that competition can motivate my rival chains into doing the same security investments as I am."

Retail IT execs generally have freaked out at the suggestion that any security reports be made public, which is why that answer startled us. Care to set the record straight by giving us your own answers?? It only takes a few minutes, it's free and it's guaranteed to add 11 years to your life. (That's my favorite impossible-to-prove promise.) On a more mundane level, it will make the results more accurate (well, at least more to your liking) and help push the community in the right direction. Think of taking the survey as one of those adult responsibilities, like voting or eating high-fiber cereal: You know you should do it even though it's not especially fun. (There's a reason I don't work in marketing.)