Why does PCI-DSS (and other standards) suck?
From: The Six Enemies of Greatness (and Happiness) - Forbes
Just check item number #3:
![](https://substackcdn.com/image/fetch/w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F57edb867-c204-454d-aa3e-6eab83c9c503_270x172.jpeg)
3) Committees
Nothing destroys a good idea faster than a mandatory consensus. The lowest common denominator is never a high standard.
Standards like PCI are always created by Committees. Unfortunately, as this nice article says, "the lowest common denominator is never a high standard".