Victims subject to PCI DSS could have avoided data breaches


Every organisation that stores, transmits or processes cardholder data must comply with the PCI DSS standard. However, according to the Verizon 2012 Data Breach Report, 96% of cybercrime victims subject to PCI DSS had not achieved compliance. Compliance with the standard is regulated and enforced by the 'acquiring bank' with whom every organisation must have a merchant account.

Alan Calder, CEO of PCI DSS-compliance experts IT Governance, says, “Given the fact that so many vendors are not yet compliant with PCI DSS, it is not surprising that they were hit most. Organisations storing payment card data are an attractive target for cybercriminals and unless they improve their IT network security they turn into an easy target.
“Most data breaches are avoidable if there are appropriate countermeasures. Complying with the PCI DSS standard is less expensive than non-compliance. The latter makes organisations subject to additional charges from the bank or they have to pay heavy fines in case of a data breach,” adds Calder.
If organisations don’t want to pay consultancy fees to become PCI DSS-compliant and choose the ‘do-it-yourself’ route, they can draw upon a number of resources. These include books and pre-written documentation that will guide them through the compliance process, step by step.
The PCI DSS v2.0 Documentation Compliance Toolkit unites the skilled knowledge of a consultant with the freedom to implement PCI policies into an organisation at any time, place and pace, suiting the professionals tasked with achieving compliance.
The PCI DSS v2.0 Documentation Compliance Toolkit combines expert guidance, 12 months of on-hand support and free documentation upgrades. Priced at only £249.95, it is a cost-efficient solution to compliance, representing only a fraction of the cost of a day's consultancy.
The PCI DSS v2.0 Documentation Compliance Toolkit can be downloaded immediately online from