I thought this might be of interest, particularly to owners and operators:
Aberdeen today announced the availability of a new benchmark report on “PCI DSS and Protecting Cardholder Data,” which shows that Best-in-Class organizations have indeed achieved superior protection of cardholder data through compliance with the PCI Data Security Standard (PCI DSS). Across the 12 high-level security requirements specified by PCI DSS, encouraging gains were made by all companies in the study when compared to a similar benchmark conducted one year ago. However organizations in the study generally underestimated the time and cost necessary to achieve PCI compliance, and they significantly underestimated the cost to sustain it. To obtain a complimentary copy of the report, visit: http://www.aberdeen.com/link/sponsor.asp?cid=4892
“The payment card industry has made steady progress in establishing a common set of security standards, evangelizing best practices, and encouraging adoption,” said Derek E. Brink, vice president and research fellow for IT Security, Aberdeen. “Beyond the mere reporting of compliance with PCI, between 40-50% of the top-performing companies actually reduced the number of failed audits and the number of data security incidents, as well as the time and cost to address them. That’s why it’s so important to have clear ownership for your PCI compliance effort, and to fund the initiative for success.”
Although a wide range of services and technologies must be brought to bear to address the 12 high-level security requirements specified by PCI DSS, solution areas in which the top performers showed the strongest year-over-year improvement included vulnerability and risk assessments, infrastructure security, data protection, application security, and tracking and monitoring solutions such as log management and information and event management.
A complimentary copy of this report is made available due in part by the following underwriters: LogLogic, MegaPath, SenSage, SAINT Corporation and Voltage Security. To obtain a complimentary copy of the report, visit: http://www.aberdeen.com/link/sponsor.asp?cid=4892
To access all of Aberdeen’s complimentary research please visit http://research.aberdeen.com.
