According to the “2018 Payment Security Report,” PCI compliance is decreasing among global businesses, with only 52.4% of organizations maintaining full compliance in 2017, compared to 55.4% in 2016. Rates differ across regions, as companies in the Asia-Pacific region are more likely to achieve full compliance at 77.8%, compared to those based in Europe (46.4%) and the Americas (39.7%). These differences can be attributed to the timing of geographical compliance rollout strategies, cultural appreciation of awards/recognition, or the maturity of IT systems.
By business sector, IT services remain on top when it comes to compliance, with over three-quarters of organizations (77.8%) achieving full status. Retail (56.3%) and financial services (47.9%) were significantly ahead of hospitality organizations (38.5%), which demonstrated the lowest compliance sustainability.
With businesses often leveraging PCI DSS compliance efforts to meet the security requirements of data protection regulations, such as the European Data Protection Regulation (GDPR), this gap between the various business sectors that deal with electronic payments on a daily basis is significant.
Rodolphe Simonetti, global managing director for security consulting, Verizon, said that consumers and suppliers alike trust brands to secure their payment data, so the industry must act now to remedy this state of affairs. Verizon urges businesses to reassess their measurement methodologies for PCI control effectiveness, and to concentrate on managing the sustainability of their data protection.