Verizon: There is a link between payment card security standard compliance and the ability to defend against cyberattacks
With cybercrime on the increase, payment card security is increasingly a focus for companies and consumers alike. The Payment Card Industry Data Security Standard (PCI DSS) is there to help businesses that take card payments protect their payment systems from breaches and theft of cardholder data.
The findings from the Verizon 2017 Payment Security Report (2017 PSR) demonstrate a link between organizations being compliant with the standard, and their ability to defend themselves against cyberattacks.
Of all the payment card data breaches Verizon investigated, no organization was fully compliant at the time of the breach, and the breached organizations showed lower compliance with 10 out of the 12 PCI DSS key requirements.
Overall PCI compliance has increased amongst global businesses, with 55.4 percent of organizations Verizon assessed passing their interim assessment in 2016. This is an increase from 2015, when only 48.4 percent of organizations achieved full compliance during their interim validation. This means that nearly half of retailers, restaurants, hotels and other businesses that take card payments are still failing to maintain compliance from year to year.
Key insight and real-life examples into business sector compliance
According to the report, the IT services industry achieved the highest full compliance of all key industry groups studied. Globally, about three fifths (61.3 percent) of IT services organizations achieved full compliance during interim validation in 2016, followed by 59.1 percent of financial services organizations (which includes insurance companies), retail (50 percent) and hospitality (42.9 percent).
The 2017 PSR also flags the compliance challenges faced by specific business sectors including:
- Retail: security testing, encrypted data transmissions and authentication.
- Hospitality and travel: security hardening, protecting data in transit and physical security.
- Financial Services: security procedures, secure configurations, protecting data in transit, vulnerability management and overall risk management.
Real-life examples highlight situations where compliance controls are not followed. For example, a financial services organization seeking exemption from the Wi-Fi requirements of PCI DSS was surprised to learn that it did in fact have a wireless network operating in its building, and this lack of knowledge caused it to fail. The IT admin had got tired of traipsing from the server room in the basement to the IT department on the third floor, and so had installed a router to access the servers from his desk.
Mind the ‘control gap’ – key to compliance sustainability
When looking at the PCI controls that companies would be expected to have in place (such as security testing, penetration tests, etc.), the report found an increased ‘control gap,’ meaning that many of these basics were absent. In 2015, companies failing their interim assessment had an average of 12.4 percent of controls absent; this increased to 13 percent in 2016.
Simonetti continues, “It is no longer the question of ‘if’ data must be protected, but ‘how’ to achieve sustainable data protection. Many organizations still look at PCI DSS controls in isolation and don’t appreciate that they are inter-related – the concept of control lifecycle management is far too often absent. This is often the result of a shortage of skilled in-house professionals – however, in our experience, internal proficiency can be dramatically improved with lifecycle guidance from external experts.”
The 2017 PSR offers five key guidelines to assist with control lifecycle management:
- Consolidate for ease of management – Adding more security controls is not always the answer – the PCI DSS Standard already contains numerous interlinked data protection standards and regulations. Organizations should be able to use this to consolidate controls, making them easier to manage overall.
- Invest in developing expertise – Organizations should invest in their people to develop and maintain their knowledge of how to enhance, monitor and measure the effectiveness of controls in place.
- Apply a balanced approach – Companies need to maintain an internal control environment that is both robust and resilient if they want to avoid controls falling out of compliance.
- Automate everything possible – Applying data protection workflow and automation can be a huge asset in control management – but all automation also needs to be frequently audited.
- Design, operate, and manage the internal control environment – The performance of each control is inter-linked. If there is a problem at the top, this will impact the performance of the controls at the bottom. It is essential to understand this in order to achieve and maintain an effective and sustainable data protection program.