No organisation was fully compliant with the Payment Card Industry DataSecurity Standard (PCI DSS) at the time of data breach, a report said. According to the 2017 Payment Security Report (2017 PSR) by VerizonSecurity Professional Services, all organisations it investigated showed lower compliance in 10 out of the 12 PCI DSS key requirements. Also Read - Beware! Fake e-commerce website scams increasing during festive season salesAlso Read - India's CCI must introduce anti-competitive practices for global tech giants, allow Indian businesses to flourish
The overall PCI DSS compliance has, however, increased among global businesses, with 55.4 per cent of organisations Verizon assessed passing their interim assessment in 2016, compared with 48.4 percent in 2015.
“While it is good to see PCI compliance increasing, the fact remains that over 40 percent of the global organisations we assessed — large and small — are still not meeting the standards,” said Rodolphe Simonetti, Global Managing Director, Security Consulting, Verizon, in a statement. ALSO READ: Adopting simple cyber hygiene key to stop breaches: VMware CEO
The findings of the report demonstrated a link between organisations being compliant with the standard and their ability to defend themselves against cyber attacks. Globally, IT services industry achieved the highest (61.3 percent) full compliance of all key industry groups during the interim validation. It was followed by financial services organisations (59.1 percent), retail (50 percent) and hospitality (42.9 percent).