|Main Archive Page > Month Archives > infosec-news archives|
By Fahmida Y. Rashid
Retailers and merchants are still falling short of payment card security
requirements, according to a new report.
The latest Payment Card Industry Compliance Report found that a majority
of small businesses in the United States, Europe and Asia have fallen
short of maintaining compliance with the Payment Card Industry Data
Security Standard (PCI-DSS), Verizon Business said Sept. 28. The
compliance situation has "neither worsened nor improved," but the
results are still "disappointing," the report's authors wrote.
Of the 100 organizations that had been evaluated and validated by
Verizon Business in the 2010 report as meeting PCI-DSS requirements,
more than 75 percent are no longer compliant, the report found. The
organizations had slipped out of compliance over the year, making them
vulnerable to cyber-attacks.
There is a glimmer of good news. The report did not find any evaluated
organizations that had regressed to having no security at all, but that
they were missing some elements. For an organization to be able to claim
to be PCI-compliant, it has to score 100 percent on the audit. The
report found that 21 percent scored 100 percent and 37 percent 90
percent or higher, meaning that more than half scored 90 percent or
FINAL CALL to register #HITB2011KUL - Asia's premier
deep-knowledge network security event now in it's 9th year!