Businesses offering card payment facilities more vulnerable to cybercrime: report
With the fall in compliance rate, businesses around the world are more prone to cybercrime, said Verizon 2018 Payment Security Report
New Delhi: Compliance with the Payment Card Industry Data Security Standard (PCI DSS) drops for the first time in six years with 52.5% of organizations maintaining full compliance in 2017 compared to 55.4% in 2016, said Verizon 2018 Payment Security Report. PCI DSS helps businesses that offer card payment facilities to protect their payment systems from breaches and theft of cardholder data.
With the fall in compliance rate, businesses around the world are more prone to cybercrime.
Companies in the Asia-Pacific region are more likely to achieve full compliance at 77.8%, compared to those based in Europe (46.4%) and America (39.7%), the report said. These differences can be attributed to the timing of geographical compliance rollout strategies, cultural appreciation of awards/recognition, or the maturity of IT systems, it added.
“Data-sharing and cross-industry collaboration is vital to understanding the evolving threat landscape and to progress global payment security. As evident in this report, organizations continue to face challenges in maintaining high-levels of security and demonstrating ongoing compliance in rapidly changing environments,” said Troy Leach, Chief Technology Officer of the PCI Security Standards Council. “Organizations should pay close attention to the findings in the report to remain vigilant for key learnings on how to remain secure. Compliance should never be seen as the end goal for security but rather a measurement for an organization’s continued success in protecting data,” he added.
The report, which highlights compliance patterns based on industry experiences from the retail, hospitality, IT and financial services sector, shows that IT services remain on top when it comes to compliance, with over three-quarters of organizations (77.8%) achieving full status. Retail (56.3%) and financial services (47.9%) were significantly ahead of hospitality organizations (38.5%), which demonstrated the lowest compliance sustainability, it said.
“With businesses often leveraging PCI DSS compliance efforts to meet the security requirements of data protection regulations, such as the European Data Protection Regulation (GDPR), this gap between the various business sectors that deal with electronic payments on a daily basis is significant,” the report said.
“PCI compliance standards are slipping across global businesses and this simply can’t continue… We urge businesses to reassess their measurement methodologies for PCI control effectiveness, and to concentrate on managing the sustainability of their data protection,” comments Rodolphe Simonetti, global managing director for security consulting, Verizon, a security consultancy company.
- Oil prices on shaky ground amid global financial market worries
- The evolution of Urjit Patel since demonetisation
- Creditors say can’t decide on resolution plan proposed by Essar Steel investors
- Railway Board gives in-principle approval to Rs55,000 crore Mumbai sub-urban rail project
- Nissan opens global digital hub in Kerala, first MNC to set up shop in state after 7 years
Editor's Picks »
- iPhone ban in China may push Apple, Qualcomm toward settlement
- Assembly Election Results: All you need to know before counting begins
- Madhya Pradesh election results updates: Congress looks to end BJP’s 15-year run
- Telangana Election Results 2018: Will K Chandrasekhar Rao’s TRS retain power? Counting begins at 8am
- Chhattisgarh election results updates: Congress, BJP in close contest
- Steel stocks get winter chill as China demand issues resurface
- Why Uday Kotak’s defiance is scaring his bank’s investors
- Exit RBI governor Urjit Patel, enter wrath of the markets?
- The government has a troubling message for minority shareholders
- Opec-allies’ output cut may not amount to big shift in oil prices