Telecommunication and Information Technology > QUESTIONS & ANSWERS > Payment card industry week 2 csia 350 (All)

Payment card industry week 2 csia 350

Document Content and Description Below

2. How does compliance with the four Payment Card Industry (PCI) Standards help an e-Commerce company manage IT security risks? A hack on credit bureau Equifax in September of 2017 exposed personal ... data of 143 million customers, including 209,000 credit card details (Krishna, 2017). Compliance risk is the potential for losses and legal penalties due to failure to comply with laws or regulations (Spacey, 2015,). Because of possible leadership mistakes, companies which completely want to follow with the law still have compliance risks. Since the inception of the Payment Card Industry Data Security Standard (PCI DSS), compliance with PCI DSS has steadily increased among organizations that store, process, and transmit cardholder data (Maintaining PCI DSS Compliance Special Interest Group PCI Security Standards Council, 2019). The growth in PCI implementation can be credited probably to a better understanding of the rules, developments in card brand enforcement services and requirements and a general rise in PCI development. Regardless of these advances, statistics indicate that PCI implementation still remains the main responsibility of most of the organizations. The Payment Card Industry Data Security Standard (PCI DSS) was developed to encourage and enhance cardholder data security and facilitate the broad adoption of consistent data security measures globally (PCI Security Standards Council 2018, May). All payment card processing companies including retailers, manufacturers, buyers, lender, and service companies are affected by PCI standards. Companies are hacked every day where some lead to data breaches and critical data exfiltration. We need to introduce a rigorous security awareness method with up to date material with the most recent infringement changes. Organization looks to the program for overall responsibility to ensure the selection and implementation of appropriate security controls and to demonstrate the effectiveness of satisfying their stated security requirements (National Institute of Standards and Technology, 2006). We need to first realize that protecting cardholder information is the main role of the PCI DSS. PCI DSS offers a minimum number of credit card information protection standards. A connection exists between companies that are up-to-date with PCI guidelines and companies that effectively protect themselves ag [Show More]

Last updated: 3 years ago

Preview 1 out of 2 pages

Buy Now

Instant download

We Accept: