Click here to access the main News page and view a listing of all available articles.

88% Of UK Businesses Are Still Not Compliant With PCI DSS – Study
ePayments News Network - 06/30/08

Study shows that 88 percent of UK businesses have not succeeded in complying with the Payment Card Industry Data Security Standard (PCI DSS) yet, despite the fact that compliance became mandatory in 2006. The majority of the respondents claim they have not established any fixed deadline in regard to meeting the standard, while 54 percent cannot say when they will achieve full compliance.

The study indicates that only 12 percent of respondents are already compliant and 17 percent of those surveyed estimate that they will reach this goal within six to 12 months. The reasons for this delay are related to complexities in the process, such as setting up measures to protect web applications. In this respect, the British Red Cross, one of the organisations which still strives to achieve compliance mentioned the lack of communication with banks, as the latter fail in providing enough information to help compliance.

The PCI DSS standard was introduced in January 2005 to help organisations enforce data security management, policies, procedures, network architecture, software design and other critical protective measures. The rules affect any company transmitting, processing or storing credit card information.

The survey was conducted by systems and security management services NetIQ.

The report was published by security firm Symantec.

Click here to access the main News page and view a listing of all available articles.