Menu
More businesses at risk of credit card data breaches: Verizon

More businesses at risk of credit card data breaches: Verizon

Compliance failures with PCI are an ongoing cause for concern

Many businesses which accept credit card payments are facing problems with compliance, which raises the spectre of security breaches, according to the Verizon 2014 payment card industry (PCI) compliance report.

The report said that in most cases the main issue was implementation and not a failure of security technology. Compliance with the PCI security standard was not as big an issue as implementation of appropriate compliance and security measures as intended according to the report.

Verizon Enterprise Solutions managing director PCI practice, Rodolphe Simonetti, said “We continue to see many organizations viewing PCI compliance as a single annual event, unaware that compliance needs to have a 365 day-a-year focus.”

According to the report, initial compliance with the PCI standard had shown some improvement. In 2013 over 82 per cent of organisations were compliant with at least 80 per cent of the PCI standard when their annual baseline assessment was completed. This was compared with 32 per cent the previous year.

Breach notification laws alongside varying legal requirements and levels of adoption contributed to regional differences in the results according to Verizon. The Asia-Pacific region had the highest level of compliance, followed by the United States and Europe.

The areas where businesses struggle the most in achieving initial compliance include: security testing (23 per cent); security monitoring and the ability to effectively detect and respond to compromised data (17 per cent); and protecting stored sensitive data (55 per cent).

Simonetti said any less that 100 per cent compliance is an issue.

“We have seen time and time again that noncompliance leaves an organization open to credit card theft, which can potentially cost hundreds of millions of dollars,” he said.

The report examined in detail how organisations comply with each of the twelve specific PCI requirements and provided recommendations that companies could implement to improve compliance.

Verizon claims the report is based on case work undertaken by its team of PCI qualified security assessors from 2011 to 2013.

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags verizonsecurityPCI

Slideshows

Top 50 defining moments of the New Zealand channel in 2016

Top 50 defining moments of the New Zealand channel in 2016

Reseller News looks back on a tumultuous 12 months for the New Zealand channel, assessing the fallout from a year of sizeable industry change. Whether it be local or global mergers and acquisitions, distribution deals or job changes, the channel that started the year differs somewhat to the one set to finish it - Reseller News assesses the key moments that made 2016.​

Top 50 defining moments of the New Zealand channel in 2016
​Hewlett Packard Enterprise honours high achieving NZ channel

​Hewlett Packard Enterprise honours high achieving NZ channel

Hewlett Packard Enterprise honoured its top performing Kiwi partners at the second running of its HPE Partner Awards in New Zealand, held at a glitzy ceremony in Auckland. Recognising excellence across eight categories - from distributors to resellers - the tech giant celebrated its first year as a standalone company, following its official split from HP in 2015.

​Hewlett Packard Enterprise honours high achieving NZ channel
Nutanix treats channel partners to Christmas cruise

Nutanix treats channel partners to Christmas cruise

Nutanix recently took to the seas for a Christmas Cruise around Sydney Harbour with its Australia and New Zealand staff, customers and partners to celebrate a stellar year for the vendor. With the sun out, they were all smiles and mingled over drinks and food.

Nutanix treats channel partners to Christmas cruise
Show Comments