A new Verizon report has found that too many businesses, following their annual assessment for meeting the Payment Card Industry Data Security Standard, fail to maintain ongoing compliance — putting the businesses at increased risk for data breaches, and financial and reputational damages.

The "Verizon 2014 PCI Compliance Report" affirms that payment card transactions remain a prime target for attackers, and the rate at which data breaches are occurring appears to be increasing. The Nilson Report estimates that global credit card fraud exceeded $11 billion in 2012 alone.

According to the report, in most cases, payment card data breaches are not a failure of security technology or of compliance with PCI DSS, but rather a failure to implement appropriate compliance and security measures, as intended.

"We continue to see many organizations viewing PCI compliance as a single annual event, unaware that compliance needs to have a 365 day-a-year focus," said Rodolphe Simonetti, managing director of PCI practice at Verizon Enterprise Solutions.

However, there is a bright spot in the report: Organizations' initial compliance with the PCI standard has shown some improvement. In 2013, more than 82 percent of organizations were compliant with at least 80 percent of the PCI standard at the time of their annual baseline assessment, compared to just 32 percent in 2012.

There were also regional differences due to breach notification laws, varying legal requirements and levels of adoption. In meeting at least 80 percent of PCI requirements, the Asia-Pacific region took the top spot (75 percent), followed by the U.S. (56 percent) and Europe (31 percent).

Areas where businesses struggle the most in achieving initial compliance include:

  • security testing (23.8 percent);
  • security monitoring and the ability to effectively detect and respond to data compromise (17 percent); and
  • protecting stored sensitive data (55.6 percent).

"Anything less than 100 percent compliance is an issue for businesses today," said Simonetti. "We have seen time and time again that noncompliance leaves an organization open to credit card theft, which can potentially cost hundreds of millions of dollars when you factor in all the damages, not to mention lost consumer trust and the impact on brand reputation. Organizations need to rethink how they factor in maintaining a PCI-compliant environment, whether it's devoting more resources or working with a managed security services provider."
