As the value of customer data increases across multiple industries, so does the cost of protecting that information. As the stakes get ever higher, industry experts advise adding more security expertise to senior leadership and investing in data protection measures to lower the costs of a security breach and preserve the reputation of businesses. In addition, the urgency to lock down on compliance and protection is growing quickly as the EU’s GDPR deadline is just mere months away. With this increased attention to data security, brands are increasingly concerned with addressing the cost of data compliance.
Is the expense concern with compliance misplaced?
According to Tech Target, the ROI of data protection compliance might be debatable for smaller companies, but for larger companies, compliance is actually cheaper than navigating loopholes to pass audits. According to a report conducted by the Ponemon Institute late last year, the average cost of compliance was $5.47 million. In comparison, the average cost of noncompliance during the same period was almost 3 times higher at $14.82 million. Additionally, the report found that the cost of compliance is related to the effectiveness of the company’s security system. This means that organisations with better security effectiveness had a lower cost of implementing and maintaining compliance.
Many companies struggle to ensure compliance, whether or not it’s related to cost. This is especially true when it comes to PCI DSS where according to a 2017 report the average merchant is not compliant with almost half (47%) of current PCI DSS requirements at the time of their data compromise. Of those that do pass compliance checks, almost a third are not compliant just 12 months later, according to Verizon’s PCI DSS Compliance report.
If you have any questions about the cost of compliance and how to get started on becoming compliant, get in touch with our team today. With the cost of noncompliance rising and GDPR pending, band-aids such as compensating controls won’t work anymore, especially in the contact centre. We’re here to help with all your PCI compliance queries, ensuring your contact centre remains as safe and protected as possible.