PCI And The Circle Of Blame: Page 3 of 11

In January, Visa said 77% of the largest U.S. retailers and 62% of midsize retailers were PCI compliant. Visa touted these numbers as evidence of improved credit card data security and progress of the PCI initiative.

But other numbers dispute Visa's claims. One independent retail analyst firm says its own survey puts compliance of large retailers at 46% and of midsize businesses at 50%. "Retailers are well behind where they need to be," says Steve Rowen, a partner at Retail Systems Research, which surveyed 174 retailers, 45% of which generate at least $1 billion in annual revenue. It should be noted that Rowen's study classifies retailers by annual revenue rather than by credit card transactions, so his numbers don't represent an apples-to-apples comparison with Visa's.

But Rowen also cites a more damning statistic: Only 40% of respondents have completed a wall-to-wall assessment to uncover all the places customer account data is held. Requirement 3 of the PCI standard is to protect stored cardholder data. But merchants can't secure that data if they don't know everywhere it is, making compliance impossible.

Rowen says Visa may be inflating the compliance rate for several reasons. First, high compliance numbers make PCI look successful. Second, if the card brands fail to enforce stricter protection of card data among merchants, it's likely the federal government will step in. Not only might federal regulations be more onerous and expensive, they may also place significant restrictions on the type and amount of information that retailers can collect about customers.

This gets merchants' attention.