There's been a lot of PCI chatter going on in the blogosphere, and having followed the standard for years now, I figured I'd toss in my .02c via SC Mag.
Firms seeking PCI compliance face dilemma
"Like the laws of the land, the impact of industry regulation is dictated by the capability to enforce regulatory law. Manpower and funding are required. Without resources available, laws and regulations don’t matter much. In the U.S., our roadways are maintained and kept safe, marked with street signs, lined with guardrails and patrolled by law enforcement with funds collected from drivers’ license and vehicle registration fees. The cost of enforcement is what drives adoption and someone has to cough up the cash. The question for PCI-DSS is: who?"