For e-commerce merchants and third party service providers, the changes required in the PCI DSS 3.0 may be more labor-intensive, but for the business community as a whole, they should help bolster security. It is critical, however, to keep in mind that PCI DSS compliance is a baseline for security. Businesses should first identify where their valuable data lives and moves and then implement security technologies and services designed to protect those attack vectors.
By focusing on securing their environment first and foremost, businesses should inherently become compliant and maintain compliancy. That's the best way to stay ahead of the criminals.