This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

UK retailers prove to be generally aware of PCI DSS but concerns that 13.8 per cent are completely unaware of it

Share this article:

Almost a third of UK retailers are completely unaware or only partially aware of the new version of the Payment Card Industry Data Security Standard (PCI DSS).

Research by LogLogic found that 13.8 per cent of respondents were completely unaware of the version two, while 15.5 per cent said that they were only partially aware of it.

Also, when respondents were asked if they knew that PCI DSS 2.0 contains significant changes and clarifications relative to the expected network architecture and virtualisation, only 36.2 per cent said that they were aware of this.

Also, when asked how auditing by the payment card issuers has changed in the past twelve months, the survey revealed that 62 per cent said that audits were becoming more, or much more prevalent.

In a year that saw the release of version two of the PCI DSS standard, Guy Churchward, CEO at LogLogic, said that the findings showed that in terms of attitudes and implementation, there is still a lot more to do.

“It is not just a case of ‘achieving compliance', it is a matter of completing the audits and staying on top of the requirements. It is a long term commitment to the business and to protecting customer data. The research clearly shows that retailers need to get up to speed with the new version pretty quickly, if they are to meet the increasingly regular audit requirements,” he said.

On a positive side, 50 per cent of respondents saw the PCI DSS guidelines as a valuable addition that helps them keep up-to-date, while 17.2 per cent said they used it as a way to justify spending on technologies which are useful outside of PCI mandates.

Shlomo Kramer, CEO of Imperva, asked of the 70.7 per cent who were aware of the new changes, how many saw it as a burden and how many saw it as an opportunity? "That is the interesting statistic, how many retailers view PCI as an opportunity to improve their security posture, which is usually the ones who do PCI right," he said.

"Over the years seeing more organistions take it seriously and for all of its faults, it is a very positive mandate. it is detailed, it is practical and you understand what you need to do. It is not compliance, it is a security standard and it is the new type of security."

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Home Depot card data breach undetected for four months

Home Depot card data breach undetected for four ...

The Home Depot card data breach may have continued for longer than the Target attack late last year, according to new reports.

Microsoft closes Trustworthy Computing as part of layoff strategy

Microsoft closes Trustworthy Computing as part of layoff ...

In a surprise move, Microsoft has effectively closed its Trustworthy Computing (TwC) Group as part of the loss of 2,100 jobs in a restructuring plan announced late last week.

More celebrity pictures revealed: Apple and FBI investigating

More celebrity pictures revealed: Apple and FBI investigating

Celebgate 2: a depressing weekend for some celebrities as more hacked pictures leaked from iCloud.