By Kelly Jackson Higgins
Oct 04, 2010
Data from PCI DSS assessments conducted by Verizon Business' PCI
auditors shows that organizations hit by breaches are 50 percent less
likely to be PCI-compliant than its other clients.
The first-ever Verizon Payment Card Industry Compliance Report, released
today, analyzed findings from actual PCI DSS assessments Verizon
conducted between 2008 and 2009. The report also shows that only 22
percent of organizations score as compliant with the PCI DSS at their
Protecting stored data, tracking and monitoring access to network
resources and cardholder data, and regularly testing security systems
and processes were the top three reasons for breaches in Verizon's 2010
Data Breach Investigations Report. And it's those three security areas
where companies are having difficulty deploying or complying with in
PCI, according to Verizon.
"We found a direct correlation to the top reasons for data breaches,"
says Jen Mack, director of global PCI consulting services at Verizon.
"PCI requires protecting source data, monitoring and reviewing, and
systematically checking and scanning and penetration testing ... And we
could see those were the top reasons for breaches in our breach report.
We see in our PCI report that these areas have the least amount of
requirements in place at the time of their Initial Report on
Subscribe to InfoSec News - www.infosecnews.org