As payment card standards evolve, surveys have been conducted to gauge the level of seriousness merchants pay to remaining compliant with PCI requirements. On this blog, we discussed the troubling statistic that fewer than one-third of businesses remain compliant between PCI audits. A new study by Verizon posts a more encouraging outlook on the state of compliance, however, as it found that the total number of compliant organizations rose by 20 percent last year. 

The shift may be due to two primary reasons. First, with new standards in place this year, PCI compliance is factoring more prominently into the conversation about payment card security. On the other hand, a spate of high-profile breaches has positioned security practices as an important risk reduction measure. The Verizon study found considerable improvement in 11 of the 12 areas of PCI requirements. On average, the quality of adherence to standards in those categories rose by 18 percent. 

Sebastien Mazas, PCI Services professional services manager, told ZDNet that organizations that experienced breaches were 36 percent less likely to be compliant in the 12 metrics of evaluation.  

"If we look at the results from this investigation, we see two things. The first is 45 percent of the breached companies were not compliant on one aspect, which was patch management and development security. And 72 percent of them were not compliant on everything considering the log management and log monitoring," he said.

The Verizon study makes a clear connection between quality of PCI standards and practices and the likelihood of a breach. As merchants update their systems in 2015, following those requirements is critical to protecting payment card data. Contact Vantage Card today to learn more about how our services can support PCI compliance in your business.