Menu
More businesses at risk of credit card data breaches: Verizon

More businesses at risk of credit card data breaches: Verizon

Compliance failures with PCI are an ongoing cause for concern

Many businesses which accept credit card payments are facing problems with compliance, which raises the spectre of security breaches, according to the Verizon 2014 payment card industry (PCI) compliance report.

The report said that in most cases the main issue was implementation and not a failure of security technology. Compliance with the PCI security standard was not as big an issue as implementation of appropriate compliance and security measures as intended according to the report.

Verizon Enterprise Solutions managing director PCI practice, Rodolphe Simonetti, said “We continue to see many organizations viewing PCI compliance as a single annual event, unaware that compliance needs to have a 365 day-a-year focus.”

According to the report, initial compliance with the PCI standard had shown some improvement. In 2013 over 82 per cent of organisations were compliant with at least 80 per cent of the PCI standard when their annual baseline assessment was completed. This was compared with 32 per cent the previous year.

Breach notification laws alongside varying legal requirements and levels of adoption contributed to regional differences in the results according to Verizon. The Asia-Pacific region had the highest level of compliance, followed by the United States and Europe.

The areas where businesses struggle the most in achieving initial compliance include: security testing (23 per cent); security monitoring and the ability to effectively detect and respond to compromised data (17 per cent); and protecting stored sensitive data (55 per cent).

Simonetti said any less that 100 per cent compliance is an issue.

“We have seen time and time again that noncompliance leaves an organization open to credit card theft, which can potentially cost hundreds of millions of dollars,” he said.

The report examined in detail how organisations comply with each of the twelve specific PCI requirements and provided recommendations that companies could implement to improve compliance.

Verizon claims the report is based on case work undertaken by its team of PCI qualified security assessors from 2011 to 2013.


Follow Us

Join the newsletter!

Error: Please check your email address.

Tags verizonsecurityPCI

Featured

Slideshows

Tech industry comes together as Lexel celebrates turning 30

Tech industry comes together as Lexel celebrates turning 30

Leading figures within the technology industry across New Zealand came together to celebrate 30 years of success for Lexel Systems, at a milestone birthday occasion at St Matthews in the City.​

Tech industry comes together as Lexel celebrates turning 30
HP re-imagines education through Auckland event launch

HP re-imagines education through Auckland event launch

HP New Zealand held an inaugural Evolve Education event at Aotea Centre in Auckland, welcoming over 70 principals, teachers and education experts to explore ways of shaping and enhancing learning using technology.

HP re-imagines education through Auckland event launch
Reseller News ICT Industry Awards 2017 - Meet the winners...

Reseller News ICT Industry Awards 2017 - Meet the winners...

Reseller News honoured the industry’s finest on a standout evening for the New Zealand channel, recognising the achievements of established and emerging partners on a memorable night in Auckland.

Reseller News ICT Industry Awards 2017 - Meet the winners...
Show Comments