Not being PCI compliant is the most common factor in all of the breaches, yet being compliant does not guarantee that an attack will be stopped. But when an attack does happen and you are in catch-up mode trying to get ahead of the breach, being PCI compliant may still help you.
Compliance is hard to achieve, and once achieved it can be even harder to keep. It requires you to run assessments on a regular basis.
Verizon's PCI Security practice recommends five key approaches to help organizations achieve and maintain PCI compliance and perhaps even derive ROI from compliance efforts:
- Don't underestimate the effort involved in staying PCI compliant.
- Make PCI compliance sustainable.
- Think of PCI compliance in a wider context.
- Leverage compliance as an opportunity.
- Focus on scoping.