Fewer than a third of retailers stay compliant between audits
Only 28.6 percent of retailers remain compliant during the time between compliance assessments, according to a preview of the Verizon’s 2015 PCI Report.
“We see compliance going down day by day, month by month, after the assessment,” said Rodolphe Simonetti, managing director for Verizon’s compliance consulting. “Compliance is supposed to be supporting security, not just a yearly checklist.”
The Payment Card Industry Data Security Standard has 12 main requirements. The most likely to go unmet between audits? The requirement to maintain a firewall and making sure that there is a strong network protection later, said Simonetti.
Not every company drops the ball on this one, he added. But the majority do.