Visa’s latest report (updated as of June 30, 2010) on the percentage of merchants and service providers currently validated as PCI compliant shows that most companies have now achieved compliance with the PCI Data Security Standard (DSS).
If your organization has been putting off PCI compliance, you are part of a quickly shrinking population and will probably start receiving monthly non-compliance fines, if that hasn’t already started.
The PCI DSS is a difficult set of requirements to address, but it’s part of the reality of accepting credit cards in today’s business world. Achieving PCI compliance may not be easy or inexpensive, but it’s certainly far less costly than the consequences of a data breach that occurs while you are not fully compliant, especially when the statistics show that the majority of other businesses are meeting the standard.
If you’re feeling overwhelmed by the standard and how to begin the remediation process, you may want to consider Halock’s PCI Discovery offering, which is designed to help organizations get a strong start on PCI compliance, while providing the education needed to avoid costly mistakes during the process.
Jeremy Simon, PCI QSA, CISSP, CISA
Practice Lead, PCI Compliance Services