PCI Compliance Is Not Just an Annual Event

There is one common theme connecting all the companies that have experienced cardholder data breaches over the past five years: not one was in full compliance with the Payment Card Industry Data Security Standard (PCI DSS) at the time of the breach.
The reality is that while a number of the affected companies had been compliant at some point, they were no longer compliant when the breach occurred. In fact, reports show that companies can lose their full compliance status as quickly as a few weeks after their assessment.
A recent report found that despite an increase of 3.6% in the past year, only 11.1% of organizations that accept card payments complied with PCI DSS in 2013. The report is based on findings from hundreds of PCI DSS assessments conducted by PCI Qualified Security Assessors from 2011 to 2013.
These figures show that businesses have begun to realize the benefits of complying with the security standards, but still have a long way to go.
Why Does PCI Compliance Slip?
Many organizations remain at risk because they fail to maintain full PCI compliance between assessments and are then unable to re-attain it the following year, which leaves them exposed in the meantime. There are various reasons for this:
- Cost – Compliance potentially represents a large segment of a business’s annual operational budget
- Time – Attaining compliance is not a quick fix and often takes months to ensure a company is ready for a visit from the QSA
- Resources – The task of becoming compliant or maintaining compliance is often left with a senior member of staff whose time is solely focused on PCI DSS
Unfortunately, Europe is falling behind the rest of the world, with only 31% of businesses meeting 80% or more of the PCI DSS requirements, compared with 75% in Asia and 56% in the US.
Achieving PCI compliance and maintaining it is often seen as an arduous, expensive and time-consuming task. More and more companies are looking to implement cost-effective secure payment solutions that help them achieve and maintain full compliance with PCI DSS, and that’s where we come in.
If you’d like to find out more about our suite of smart PCI solutions, please get in touch with our consultants today.