On this blog, we discussed previews of the 2015 Verizon PCI Compliance Report from January, which suggested that fewer than one-third of merchants remained compliant between audits. According to the full report released this month, that figure could be as low as one-quarter. The firm states that 80 percent of all retailers fail interim PCI audits, leaving a sizeable majority of merchants vulnerable to cyber attacks through most of the year. 

"Today's cybersecurity landscape is constantly changing," said Rodolphe Simonetti, managing director, professional services for Verizon Enterprise Solutions. "Compliance at a point in time isn't sufficient to protect data. Putting the focus on making compliance sustainable is key. It must be a part of day-to-day activities within an organization's greater security strategy."

The process of continuous review is inherent to the latest round of PCI regulations. By developing strong communication with third party service providers, businesses can maintain their protections against breaches even when they're not under review. Integrating these practices into standard operating procedure is the best way to ensure that vulnerabilities aren't overlooked. 

Jonathan Trull of CSO Online explains that the best way to do this is for merchants to monitor systems for suspicious activity and bring those suspicions to the attention of someone who is capable of investigating and rectifying the situation. A barrier to compliance is that many merchants lack the in-house expertise to conduct these reviews, so working with a service provider can alleviate those pressure points and guarantee a swifter, more targeted response to security incidents when they arise. 

Contact VantageCard today to learn more about how our suite of services can help your business protect its payment card processing data.