Verizon’s Payment Security Study Reveals 3 Worrisome Trends

the bare minimum. Only 18 percent of organizations exceeded the DSS requirement for how many times they should measure their controls.

Compliance reporting is a big area of bare minimums. Forty percent of businesses measured their PCI compliance annually, and only 19 percent reported their compliance monthly.

And in other cases, organizations depend too much on external compliance assessors who periodically inspect their system.

“Not reviewing controls throughout the year can lead to failure to react to changes in the control environment quickly enough to maintain security. Organizations need to develop a program of ongoing internal reviews that evaluates control effectiveness.”

The entire study is available online. You can read about Verizon’s 2017 report on our site.

Kaseya’s recent IT operations study has interesting numbers on PCI compliance.
