More Firms Meeting PCI DSS, but Only Temporarily

 
 
By Michael Vizard  |  Posted 2015-04-06 Email
 
 
 
 
 
 
 
 
 
 

Organizations may not exactly be in love with the Payment Card Industry Data Security Standard (PCI DSS), but they are increasingly complying with it with help from solution providers across the channel. The 2015 PCI Compliance Report from Verizon finds that although more companies than ever are attaining PCI DSS compliance, few of them can maintain it since the overall IT environment remains fairly dynamic. "Compliance at a point in time isn't sufficient to protect valuable data and their reputations; organizations must make being proficient at maintaining security controls in a dynamic environment a strategic imperative," the reports explained. "Being able to say that you were compliant three months ago will be of little solace when dealing with the aftermath of a breach." Most of the data being stolen is accessed with credentials that have either been stolen or are easily cracked. Also, much of the stolen data is unencrypted, showing that companies still have work to do to move toward compliance.

 
 
 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
























 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Thanks for your registration, follow us on our social networks to keep up-to-date