Four in five companies fail PCI compliance assessment


By Dylan Bushell-Embling
Friday, 13 March, 2015

Four in five companies fail PCI compliance assessment

Four out of five companies fail their interim Payment Card Industry Data Security Standard (PCI DSS) compliance assessment, leaving them vulnerable to cyberattacks, according to Verizon.

The US telecom giant’s 2015 PCI Compliance Report shows that only 29% of companies are still fully PCI DSS compliant less than a year after being validated.

The report shows signs of improvement, with compliance increasing across 11 of the 12 PCI DSS controls. Around 60% of the companies assessed in 2014 were compliant with any given requirement.

But compliance is still inadequate for many businesses handling payment card transactions, according to Verizon Enterprise Solutions Managing Director Rodolphe Simonetti.

“The three key areas where organisations fall out of compliance are: regularly testing security systems, maintaining secure systems and protecting stored data,” he said.

“Of all the data breaches studied, Verizon’s findings clearly show that not a single company was fully PCI DSS-compliant at the time of the breach.”

The volume and scale of data breaches in the past 12 months shows that current security techniques are not stopping attackers and in many cases aren’t even slowing them down, Simonetti said.

PCI DSS compliance should only be viewed as one part of a comprehensive information security and risk management strategy.

Verizon’s report analyses PCI DSS compliance for companies in more than 30 countries, with a specific focus on companies in the financial services, retail and hospitality sectors.

Image courtesy of Sean MacEntee under CC

Related News

Digital trust leaders outperform their peers: research

Companies categorised as leaders in implementing digital trust strategies are reaping the...

IT decision-makers believe AI is key to protect against cyber threats: report

According to reseach, 40% of Australian IT decision-makers believe the use of AI will help them...

New Relic upgrades app security testing suite

The New Relic Interactive Application Security Testing solution has been upgraded with new...


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd