In a survey conducted by the Ponemon Institute, 67 percent of PCI-regulated companies lack full compliance with the standard; 50 percent of security professionals view PCI as a burden, and 59 percent do not believe it helps with security, reports InformationWeek. The survey also found an increase in the number of data breaches since 2009, with non-PCI compliant companies experiencing more data breaches than PCI-compliant ones. The study found little connection between PCI-related expenditures and compliance levels. Imperva's director of security strategy noted, "In a somewhat counterintuitive manner, those organizations (that) suffered no breaches are not necessarily those who spent the biggest budget."
If you want to comment on this post, you need to login.