Podcast: The barriers to PCI DSS compliance and how to overcome them

Some businesses struggle with the Payment Card Industry Data Security Standard. In this podcast, learn strategies to maintain PCI DSS compliance.

Kevin Beaver

The Payment Card Industry Data Security Standard (PCI DSS) was introduced almost a decade ago, but some companies still struggle with compliance. Breaches are common, putting customer information at risk and bringing organizations' governance, risk and compliance processes into question. Associate Editor Ben Cole recently sat down with Kevin Beaver, an information security consultant at Principle Logic LLC, to discuss some of the latest trends in PCI DSS compliance. PCI DSS compliance barriers do not usually arise because of regulatory complexity, but rather are the result of a lack of organization-wide resources and buy-in necessary to meet the standards, Beaver said.

"It's really because of the culture, the politics, the lack of support, the lack of funding that IT and compliance and information risk managers are up against," Beaver said.

To maintain PCI DSS compliance, companies first need to understand exactly what their requirements are to determine the best policies, processes and technologies for their specific situation. Perhaps most important, companies should always assume they are a target for a PCI DSS data breach.

"Treat PCI, and really information security in general, as a business issue -- you have to be professional and methodical about it," Beaver said.

In this podcast, learn more about PCI DSS compliance best practices as Beaver discusses the benefits of documentation, which departments should provide PCI security input, and tips on minimizing business impact if a breach occurs.

Let us know what you think about the story; email Ben Cole, Associate Editor. For IT compliance news and updates throughout the week, follow us on Twitter @ITCompliance.
