PCI DSS compliance and security can also impact customer experience, added Verizon. Customers are increasingly aware of the dangers of fraud and identity theft and may think twice before buying from, or investing in, an organisation that they know has suffered a major data breach.
4. Make compliance sustainable
Organisations should integrate compliance into their governance, risk and compliance strategy and make it part of their day-to-day activities, said Verizon. They should foster cultural awareness of risk management across the business, and ensure that all activities in the compliance programme are in line with the operational environment and risk profile.
Verizon's 2015 PCI Compliance Report examines the state of PCI DSS compliance and its correlation to data breaches among global organisations in the financial services, retail, and travel and hospitality industries. It covers three years of data and includes the results from PCI assessments conducted by Verizon's team of PCI Qualified Security Assessors for Fortune 500 and large multinational firms in more than 30 countries.
Protecting profits by managing payment card risk infographics. Credit: Verizon