Majority of Merchants Unable to Meet Deadline
Studies have indicated that less than half of all affected businesses will be able to meet the PCI DSS deadline on June 30, 2007
June 25, 2007
NEW YORK -- Perhaps it's time to think about paying with cash only. In less than a week's time thousands of companies will have demonstrated that they are incapable of complying with a set of security guidelines to prevent data breaches and protect credit card data against identity theft.
All organizations that store, process or transmit credit card payments are required to demonstrate compliance with the Payment Card Industry Data Security Standard (PCI DSS) by 30th June 2007. But studies have indicated that less than half of all affected businesses will be able to meet that deadline.
Why are merchants struggling so hard to comply with what many in the security industry say are basic, common-sense security measures? Is consumer data at more risk of being stolen and abused than we've feared? Even the penalties for noncompliance -- fines of up to $500,000 and loss of the ability to accept credit cards -- apparently haven't been enough to get affected businesses to take security seriously.
David Taylor, president and CEO of The Payment Card Industry Security Vendor Alliance (PCI SVA), an organization formed to assist and educate the payment card industry on the requirements and business value of PCI DSS, can discuss:
The biggest threats to data security - and why hack attacks continue to happen despite the billions of dollars companies spend on security.
What businesses need to do right now to avoid data breaches, penalties and fines.
Why so many businesses have failed to meet the compliance deadline despite the fact that PCI DSS only requires best-practices security processes and policies.
Why organizations can't afford to ignore PCI DSS, even if fines and penalties aren't immediately imposed after the June 30 deadline. (Card companies have recently indicated that they'll be willing to accept risk mitigation plans in lieu of full compliance, since so many businesses will fail to meet the deadline.)
The Return On Data Security Investment (RODSI) that companies can expect to achieve if they are compliant with PCI DSS.
Why simply following the letter of the PCI DSS guidelines is not enough to guarantee hack-proof security.