In this article, NNT interviews Stuart Golding, a Programme Manager for PCI DSS, as they examine the current state of PCI DSS and what the future holds for one of the most widely implemented cyber security standards.
“Thanks for taking the time to talk to us today, Stuart. I wanted to begin by asking you what’s the current state of play with PCI DSS? I recently read the 2015 Verizon report on PCI Compliance which suggested that 80% of merchants overall do not meet PCI DSS requirements. There was also a study by the Merchant Acquirers Committee that showed more than 30% of Level 1 Merchants are not compliant. What’s your view of the current adoption of the PCI DSS?”
My work over the last 10 years has been with a number of the UK’s leading merchants, typically major retailers in the FTSE 500, and all of these organizations have always taken their responsibilities very seriously. Having said that, PCI DSS adoption isn’t ever done with the flick of a switch, due to the scale and complexity of the payments architectures in use, covering multiple lines of business and payment channels. Even the initial de-scoping – a tactic employed in any PCI programme – will take months to achieve within a major enterprise estate.
Read the full article on Information Security Buzz