Report: Nearly three in four global organisations fail to meet cardholder data security standards

How safe is your data? A recent report from Verizon Business may give you reason to be concerned.

According to the Verizon Business 2020 Payment Security Report (PSR), business leaders worldwide are falling behind for the third straight year when it comes to meeting the standards of cardholder payment data security.

The numbers are a bit staggering: Just over a quarter (27.9%) of global organisations managed to maintain full compliance with the PCI DSS, the payment industry's data security standard. Worse yet, it marks a 27.5% drop in compliance since 2016, indicating that many businesses aren't simply stagnating when it comes to securing cardholder data, but actually regressing.

So why the decline? The report pointed to a lack of long term strategies and leadership commitment at the root of the issue, regardless of business size. It also cites the challenges that chief information security officers (CISOs) face in the design and implementation of a security strategy that can be supported by all the members of an organisation. Rather than technology being a chief impediment, it's on management to support CISOs in formalising processes and developing a business model around security with proper operating models and frameworks.

It can be alarming news for consumers and businesses as COVID-19 has driven more transactions to mobile and online than ever before, with data security remaining a paramount concern for customers. On the positive side, it may serve as a wake-up call for business leaders and potential entrepreneurs in the security space who must treat securing cardholder data as an essential element of the new normal.

"Unfortunately we see many businesses lacking the resources and commitment from senior business leaders to support long-term data security and compliance initiatives. This is unacceptable,” said Sampath Sowmyanarayan, president, global enterprise for Verizon Business.

“The recent coronavirus pandemic has driven consumers away from the traditional use of cash to contactless methods of payment with payment cards as well as mobile devices. This has generated more electronic payment data and consumers trust businesses to safeguard their information. Payment security has to be seen as an on-going business priority by all companies that handle any payment data, they have a fundamental responsibility to their customers, suppliers and consumers.”