According to a new Ponemon report sponsored by Imperva, PCI compliance does in fact have a positive impact on reducing security risk.
The report found that that 63 percent of PCI compliant organizations were hit by only one data breach at most. In contrast, 26 percent of non PCI compliant organizations were hit by five or more data breaches.
Even though the data indicates a positive impact for PCI compliance only 33 percent of survey respondents indicated that costs related to PCI-DSS compliance brought value to their organizations.
“PCI is prescriptive and defines several precise technical requirements,” Rob Rachwald Imperva’s Director of Security Strategy,told InternetNews.com. “Many organizations may feel that many of these specific steps are superfluous while not seeing the broader impact PCI has had on their security posture.”