28 Oct 2008
UK firms are more aware than ever before of the need to be compliant with the Payment Card Industry (PCI) standard.
Figures released by customer interaction specialist The Logic Group, which questioned several hundred public sector and commercial organisations in the UK, showed that the number of firms holding back from becoming compliant has dropped by almost half.
This is mainly due to the increasingly sophisticated and high-profile cases of card security breaches in the media, resulting in almost total awareness of the standard.
Last year, 11 per cent of organisations were found to be fully compliant, according to The Logic Group’s figures, but in 2008 a total of 15 per cent reported full compliance. In addition, a further 54 per cent are in remediation and 34 per cent expect to be compliant within the next six months.
Robin Adams, director of security risk and compliance at The Logic Group, said: “For the first time since we started to monitor progress through the survey four years ago, we’re seeing the majority of respondents believing that their business will benefit from implementing PCI. We feel this is the year of the final push – where we’ll break the back of the compliance problem. With total UK card fraud losses increasing by 14 per cent in the first half of this year – the impetus has never been greater.”
Earlier this month the advisory board of the Security Council responsible for setting the PCI DSS guidelines met in Brussels to discuss progress in Europe, and developments for the standard’s implementation.
Bob Russo, general manager of the PCI SSC, said: “The Logic Group PCI survey has been a useful resource in providing a barometer of progress towards PCI compliance within the UK for the past four years. The UK is now firmly on the way towards meeting PCI compliance.”
PCI DSS...we still have a long way to go
The take up and awareness figures issued by the Logic Group are only based on a selection of ‘large’ public sector and commercial organisations which only account for around 15-20% of ALL merchants. Fraud figures suggest that data theft is now taking hold at the lower end, mainly due to the larger organisations adopting PCI DSS, and as they implement the required security overlays to their infrastructure in pursuit of their own compliance, it is pushing the fraudsters down the food chain to the smaller organisations who have not yet implemented these controls. To that effect the vast majority of merchants (namely the SME market) where the awareness of PCI is ‘scant’ are now more at risk of breach as the previous ‘easy targets’ of the large retailers are harder and harder to breach.
In my opinion, UK PLC is still a long way off PCI DSS compliance, and let’s not forget that PCI DSS is very similar to the requirements for Data Protection and if organisations had taken Data Protection seriously then they would have very little to do to attain PCI DSS compliance. The landscape is changing and we are moving into ‘the age of regulation’ and merchants need to take the necessary steps to protect both their bottom line and also their brand.
Posted by Matthew Tyler, Evolution Security Systems | 30 Oct 2008