This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

UK retailers prove to be generally aware of PCI DSS but concerns that 13.8 per cent are completely unaware of it

Share this article:

Almost a third of UK retailers are completely unaware or only partially aware of the new version of the Payment Card Industry Data Security Standard (PCI DSS).

Research by LogLogic found that 13.8 per cent of respondents were completely unaware of the version two, while 15.5 per cent said that they were only partially aware of it.

Also, when respondents were asked if they knew that PCI DSS 2.0 contains significant changes and clarifications relative to the expected network architecture and virtualisation, only 36.2 per cent said that they were aware of this.

Also, when asked how auditing by the payment card issuers has changed in the past twelve months, the survey revealed that 62 per cent said that audits were becoming more, or much more prevalent.

In a year that saw the release of version two of the PCI DSS standard, Guy Churchward, CEO at LogLogic, said that the findings showed that in terms of attitudes and implementation, there is still a lot more to do.

“It is not just a case of ‘achieving compliance', it is a matter of completing the audits and staying on top of the requirements. It is a long term commitment to the business and to protecting customer data. The research clearly shows that retailers need to get up to speed with the new version pretty quickly, if they are to meet the increasingly regular audit requirements,” he said.

On a positive side, 50 per cent of respondents saw the PCI DSS guidelines as a valuable addition that helps them keep up-to-date, while 17.2 per cent said they used it as a way to justify spending on technologies which are useful outside of PCI mandates.

Shlomo Kramer, CEO of Imperva, asked of the 70.7 per cent who were aware of the new changes, how many saw it as a burden and how many saw it as an opportunity? "That is the interesting statistic, how many retailers view PCI as an opportunity to improve their security posture, which is usually the ones who do PCI right," he said.

"Over the years seeing more organistions take it seriously and for all of its faults, it is a very positive mandate. it is detailed, it is practical and you understand what you need to do. It is not compliance, it is a security standard and it is the new type of security."

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Russian government promises £60k bounty to Tor hackers

Russian government promises £60k bounty to Tor hackers

The Russian Ministry of Internal Affairs (MVD) is offering a 3.9 million ruble (approximately £64,600) reward to anyone who can find a way of identifying and tracking users of the ...

UK watchdog warns firms on Big Data risks

UK watchdog warns firms on Big Data risks

UK watchdog The Information Commissioner's Office (ICO) has released a comprehensive report into big data which warns companies that their data analytics activities must adhere to existing data protecting laws.

4% of Googlebots are fake and can launch attacks

4% of Googlebots are fake and can ...

Admins' fear of damaging their SEO gives malicious search engine bots a 'VIP pass' into sites.