2021 SecurityMetrics Guide to PCI DSS Compliance Includes Data on iFrame Attacks, Payment Data Security Breach Predictions

OREM, Utah, April 6, 2021 /PRNewswire/ -- Businesses face many cyber risks, threats, and vulnerabilities. Securing payment data and other sensitive information is an ongoing battle. The Payment Card Industry Data Security Standard (PCI DSS) was established in 2006 to help businesses protect payment data, and compliance to the PCI DSS is an industry requirement for any company that accepts major credit cards.

Businesses must be more diligent about complying with the PCI DSS because cybercriminals continue to update their tactics and add resources to their efforts. Noncompliance increases the risk of compromise, and according to SecurityMetrics forensic research data, none of the compromised companies for which they provided remediation services were fully PCI DSS compliant at the time of compromise. Issues like skipping vulnerability scans and penetration testing (PCI DSS requirement 11) continue to plague businesses, with 62% of investigated breaches being directly related.

These issues are fixable, and as a way for companies to better understand their options for protection, SecurityMetrics has released the 2021 edition of the Guide to PCI DSS Compliance. 

The PCI Guide is an ongoing, collaborative effort, with recommendations and original research from the SecurityMetrics Audit, Penetration Testing, Forensics, Support, and Executive teams.

Audit Director, Matt Halbleib (CISSP, CISA, QSA), said "We publish our guide to give businesses of all sizes a tool to understand and organize their PCI compliance efforts. Maintaining PCI compliance in an environment-specific way helps businesses protect their data, detect breaches, and keep cybercriminals off their network."

The 2021 PCI DSS Guide has been updated to include:

• Insight into what to expect for PCI DSS 4.0
• Tips for applying the PCI DSS in a cloud environment
• Information on e-commerce attacks including iFrame hacks
• Interactive IT checklists for each requirement
• Brand new PCI compliance customer data
• Tips and experiences from PCI Auditors (QSAs)

"Businesses who utilize the Guide to PCI DSS Compliance can better organize their compliance efforts and understand the way PCI compliance requirements affect cybersecurity. On top of that, the PCI Guide is a great training tool when assigning new resources to your PCI compliance effort," said SecurityMetrics VP of Assessments Gary Glover (CISSP, CISA, QSA.)

Download the 2021 SecurityMetrics Guide to PCI DSS Compliance here.

To learn more about SecurityMetrics, PCI DSS compliance, or for help with a PCI audit, please call 801.705.5656 or email [email protected].

For press inquiries, call 801.995.6516 or email [email protected]. 

About SecurityMetrics
SecurityMetrics helps customers close data security and compliance gaps to avoid data breaches. They provide managed data security services and are certified to help customers achieve the highest data security and compliance standards.

As an Approved Scanning Vendor, Qualified Security Assessor, Certified Forensic Investigator, and Managed Security provider SecurityMetrics guides organizations through data security testing and compliance mandates (PCI, HIPAA, GDPR, HITRUST). With over 15 years of forensic investigations, penetration testing, vulnerability assessments, and compliance audits, SecurityMetrics has tested over 1 million systems for vulnerabilities. The privately held company is headquartered in Orem, Utah where it maintains a Security Operations Center (SOC) and 24/7 multilingual technical support.

SOURCE SecurityMetrics

Related Links

http://www.securitymetrics.com