Imperva, a security firm sponsored “2010 PCI DSS Compliance Trends Study” from the Ponemon Institute has recently revealed that the payment card industry data security standards (PCI-DSS) is working effectively to reduce IT related security risks. As many as 670 security professionals were surveyed regarding the PCI-DSS compliance and data breaches which has reveled some interesting information.
One of the significant findings of the study was that security and PCI-DSS compliance does have a correlation and that as many as 64 percent of the organizations didn’t experience any credit card related data breach over the last couple of years. On the other hand, 38 percent of the non-PCI-DSS compliant organizations reported that no data breach took place in their organization linked to credit card data.
Despite the fact that PCI-DSS focuses on the payment industry, breaches involving non-credit card data can also be reduced through the proper utilization of compliance. According to the study, a single incident of data breach took place in case of 63 percent of the PCI compliant organizations where on the other hand five or more data breaches occurred in case of 26 percent of the non-PCI compliant organizations.
Although the study did indicate that the PCI-DSS and improved security are correlated, it was not the general sentiment articulated by the individuals who took part in the survey. Only 33 percent of them actually indicated that the costs that are linked to PCI-DSS compliance added value to their organizations.
Source:
www.esecurityplanet.com/news/article.php/3931211/PCI-is-Reducing-Data-Breaches.htm
Image:
jscreationzs/FreeDigitalPhotos.net
