Studies have indicated that less than half of all affected businesses will be able to meet the PCI DSS deadline on June 30, 2007
NEW YORK -- Perhaps it's time to think about paying with cash only. In less than a week's time thousands of companies will have demonstrated that they are incapable of complying with a set of security guidelines to prevent data breaches and protect credit card data against identity theft.
All organizations that store, process or transmit credit card payments are required to demonstrate compliance with the Payment Card Industry Data Security Standard (PCI DSS) by 30th June 2007. But studies have indicated that less than half of all affected businesses will be able to meet that deadline.
Why are merchants struggling so hard to comply with what many in the security industry say are basic, common-sense security measures? Is consumer data at more risk of being stolen and abused than we've feared? Even the penalties for noncompliance -- fines of up to $500,000 and loss of the ability to accept credit cards -- apparently haven't been enough to get affected businesses to take security seriously.
David Taylor, president and CEO of The Payment Card Industry Security Vendor Alliance (PCI SVA), an organization formed to assist and educate the payment card industry on the requirements and business value of PCI DSS, can discuss:
The biggest threats to data security - and why hack attacks continue to happen despite the billions of dollars companies spend on security.
What businesses need to do right now to avoid data breaches, penalties and fines.
Why so many businesses have failed to meet the compliance deadline despite the fact that PCI DSS only requires best-practices security processes and policies.
Why organizations can't afford to ignore PCI DSS, even if fines and penalties aren't immediately imposed after the June 30 deadline. (Card companies have recently indicated that they'll be willing to accept risk mitigation plans in lieu of full compliance, since so many businesses will fail to meet the deadline.)
The Return On Data Security Investment (RODSI) that companies can expect to achieve if they are compliant with PCI DSS.
Why simply following the letter of the PCI DSS guidelines is not enough to guarantee hack-proof security.
The Payment Card Industry Security Vendor Alliance (PCI SVA)