Over 20% of Surveyed Companies Fail PCI Compliance Assessments
With online payments taking over so much of the business landscape – especially during the pandemic – PCI DSS has been at the forefront of regulatory mandates across most sectors of the economy. It is also considered one of the most difficult regulations to comply with due to the complexity of its requirements.
According to a recent poll by SentryBay, the infrastructure of over 21 percent of surveyed companies has fallen short of PCI compliance assessments. Another 29.3 percent said they had no confidence in their own company’s compliance when it came to PCI DSS.
The poll, which was administered via Twitter in June among cybersecurity professionals, also found there was a lack of confidence in the PCI standards within today’s hybrid working environments. Over 50 percent of those surveyed said they either believed PCI regulations were not relevant or that they needed adjusting to suit current working models.
As you know, the PCI DSS standard mandates that organizations maintain a secure network and systems to host transactions, including a properly configured network firewall to protect cardholder data, and restrict data access to those with a genuine business need.
Compliance challenges are a huge factor for failure, according to the poll. When asked what the biggest challenges were to ensuring compliance, 30.7 percent said PCI DSS is too complex, and 23.6 percent believe the contradictions of the process were the largest barrier.
For organizations trying to manage their evolving security landscapes as the workforce remains in flux following the pandemic, addressing the numerous security requirements of PCI is a daily task. More than 24 percent of respondents said educating employees on PCI compliance was their biggest challenge.
The difficulty of a regulation or the complexity of its nuances does not give your company a pass from compliance. Don’t ignore your regulatory needs due to challenges you encounter. Instead, partner with a cybersecurity expert like 2W Tech. We have a comprehensive Cybersecurity Compliance Program that will maintain your compliance with PCI DSS and other industry regulations you must adhere to. Contact us today to get started.