Most Merchants Still Not Stressing Data Security: Survey

Despite the existence of the Payment Card Industry’s (PCI) Data Security Standard (DSS), a cross-section of retailers still struggle with data security, putting consumers at continued risk for identity theft, according to a new survey conducted by Imperva here and the Ponemon Institute, Traverse City, Mich.

REDWOOD SHORES, Calif. — Despite the existence of the Payment Card Industry’s (PCI) Data Security Standard (DSS), a cross-section of retailers still struggle with data security, putting consumers at continued risk for identity theft, according to a new survey conducted by Imperva here and the Ponemon Institute, Traverse City, Mich.

Seventy-one percent of companies surveyed admit to not making data security a top strategic initiative, and 55% admit to only securing credit card information and not sensitive information such as Social Security numbers, driver’s license numbers, and bank account details. However, the survey also found that companies taking a strategic approach to PCI compliance have fewer data breaches.

“Nobody is in business to be compliant,” said Shlomo Kramer, Imperva’s chief executive officer, in a statement. “But there is a silver lining to this survey: if you protect consumers as required by the PCI DSS standard, there is an incredible opportunity to improve your overall security posture.”

The survey included 517 respondents, 93% of them merchants distributed almost equally among Tiers one through four.

Read More of Today's Headlines [2]