How the PCI DSS is currently viewed within industry/business. IS the PCI DSS seen to be a useful standard -- what areas are seen to need improvement? What is the status ( is it part of our legal code, if so, details- if not, is it planned) of Data Breach regulation in Australia? What is your concise analysis between data breach legislation and PCI DSS compliance/ operation?