Did you know that most businesses that accept credit or debit cards, or both, continue to struggle to achieve and maintain compliance with the Payment Card Industry Data Security Standard (PCI DSS)? As a result, they are at greater risk of losing confidential customer information and falling victim to credit-card fraud.
About this time last year, we published the first Verizon PCI Compliance Report (PCIR). Like the original Verizon PCI Compliance Report, the new PCIR is chock-full of analysis and insights. Building upon the acclaimed Verizon Data Breach Investigations Report (DBIR) series, in the PCIR we take a hard look at payment card breaches and how PCI Data Security Standards are affecting the risk landscape.
In this report we attempt to answer the burning questions in the PCI community, such as:
• Is PCI really helping reduce risk and improve security?
• What’s the difference between security, compliance, and validation?
• What controls have the strongest inverse correlation with a data breach?
• Why do 44% of all breaches take over a year to be discovered?
Below you’ll find some key findings and some recommendations to help your business meet compliance and avoid steep penalties, including fines and increased transaction fees from the credit card brands.
Top findings from the 2011 Verizon Payment Card Industry Compliance Report include:
Recommendations for Meeting Compliance:
Based on extensive analysis, Verizon offers the following recommendations to help organizations meet their PCI compliance goals:
Additional findings and recommendations are available in the full report, which can be downloaded at http://www.verizonbusiness.com/go/2011pci/us. In addition to the report, readers can access all report resources by visiting the Verizon PCI Report Resource Center.
You may also want to check out the 2011 PCI Compliance Report podcast with Jen Mack, director – PCI Consulting Services, and Wade Baker, director – Risk Intelligence.
Is your business compliant with PCI DSS?