2020 Verizon Payments Security Report Released

Only one in four global companies secures cardholder payment data

Verizon Japan LLC 2020 Verizon Payment Security Report (PSR) points out the lack of long-term security strategies by business leaders to support payment security compliance declines for the third consecutive year. Payment Security Report (PSR) Highlights: ■ Only 27.9% of global enterprises remain fully compliant with Payment Card Industry Data Security Standards (PCI DSS) ■ Compliance compliance rate since 2016 (reported in 2017 PSR) Significant (27.5 points) decline in Executor: Ryuta Yamazaki, hereinafter referred to as "Verizon") has released the 2020 Verizon Payment Security Report (abbreviation: 2020 PSR) today. The report notes that customers' cardholder data is constantly at risk due to long-term payment security strategies and lack of viability in global enterprises. In addition, maintaining excellent CISOs and security managers is a challenge for many companies, which leads to a lack of long-term security-related perspectives in companies and organizations, and compliance in PCI DSS. It has a serious impact on sustained compliance with. According to the 2020 Verizon Data Leakage / Data Fraud Investigation Report (abbreviation: 2020 DBIR), payment data remains the number one target and profitable target for cybercriminals. It has been revealed that 9 out of 10 (86%) data breaches are for financial purposes. 99% of security incidents in the retail industry analyzed by the 2020 DBIR focused on obtaining payment data for criminal use. The 2020 PSR averages only 27.9% of global companies that are fully compliant with PCI DSS designed to protect payment systems from cardholder data breaches and theft for companies offering card payment capabilities. It points out that there is no such thing. Even more worrisome is that compliance compliance has declined for the third consecutive year, down 27.5 percentage points from its peak in 2016. "Unfortunately, many companies have sufficient resources and commitment from senior business leaders to drive long-term data security and compliance efforts," said Sampath Sowmyanarayan, Global Enterprise President of Verizon Business. This is terrible. With the recent epidemic of the new corona virus, consumers are moving from traditional cash payments to contactless payments using cards and mobile devices. Accelerating. As more electronic payment data is generated, consumers trust companies to secure these data. All companies that process payment data have payment security. It needs to be positioned as an ongoing priority in our business because they have a significant responsibility for payment security to our customers, suppliers and consumers. ”Especially in the 2020 PSR additional study. Focusing on security testing, just over half (51.9%) of companies and organizations have successfully tested access to security systems and processes, and unsupervised systems, and about two-thirds are business-critical. It has also been reported that access to various systems is well tracked and monitored. In addition, only 7 out of 10 financial institutions (70.6%) have been shown to maintain significant perimeter security controls. Maxine Holt, Senior Research Director, Omdia, commented: "This report states that strong leadership is essential to improve failure towards proper management of payment security. This report is in line with Omdia's view that "consistency between security and organizational strategies is essential for enterprises and organizations to maintain compliance." In this case, the appropriate level. PCI DSS 3.2.1 is subject to compliance to provide payment security for. Chief Information Security Officer, Chief Risk Officer, and Chief Compliance Officer to develop and enforce long-term data security and compliance. It's important to combine many roles and responsibilities, such as. ”Lack of compliance impacts all businesses, regardless of the size of the organization. He points out that he faces his own challenges regarding protection. Small businesses typically process and store less card data than large businesses, but they have less resources and budget for security and are challenged with the resources available to maintain PCI DSS compliance. .. Small businesses and organizations are often concerned that it will take too much time and money to take the necessary steps to protect sensitive payment card data. On the other hand, the risk of data breaches for SMBs remains high, so maintaining PCI DSS compliance is essential. Continuing Challenges CISOs Face This report presents the challenges CISOs face in designing, implementing, and maintaining effective and sustainable security strategies, and these challenges disrupt compliance and data security management. It also explains how it will eventually lead to. These challenges are not technical and can be solved by more mature management skills such as creating formalized processes, building security business models, and defining appropriate security strategies by using operating models and frameworks. It turned out to be an issue. About the 2020 Verizon Payment Security Report Verizon has begun issuing the Payment Security Report (PSR) as the first research report on the actual value and performance of the 2010 Payment Card Industry Data Security Standard (PCI DSS). Since then, it has been published every year until now. This report is based on global data collected by PCI DSS Certified Security Evaluators (QSAs) from Verizon and five other external organizations. Learn more about how Verizon can help. https://enterprise.verizon.com/products/security/security-advisory-services/payment-card-industry-compliance/

This press release contains information for the media.

If you register as a media user, you can view various special information such as contact information of the person in charge of the company and information on events and press conferences. * Contents vary depending on the press release.