PCI DSS requirements help merchants prevent data breaches
Payment Card Industry (PCI) compliance is required for any organization that takes payment cards. The PCI Data Security Standard (PCI DSS) includes 12 data security requirements that merchants must follow. Service providers must also comply with the PCI DSS, as well as follow some additional requirements on top of those that apply to merchants.
Merchants often have a difficult time attaining and maintaining PCI compliance for a variety of reasons. A lack of resources, time, and PCI DSS familiarity can hinder compliance efforts and leave businesses vulnerable to cyber attacks and data leaks. SecurityMetrics forensic research concluded that the average breached organization at the time of data compromise was not compliant with at least 44% of the PCI DSS requirements.
What's more, none of the breached organizations SecurityMetrics investigated in 2018 were found to be fully PCI DSS compliant at the time they experienced a data breach.
A PCI compliance guide for merchants
The 2019 Guide to PCI Compliance specifically helps merchants and service providers address the most problematic issues within the 12 PCI DSS requirements. Interactive features make the downloadable PDF guide easier to use for readers at every level of familiarity with the PCI DSS.
“The guide provided by SecurityMetrics on PCI DSS is a very good review of requirements and how they relate to the needs of those working on PCI DSS adherence . . . as someone working in this arena on a routine basis with national and global financial institutions, the quick reminder of areas to review is fantastic,” said Tim Hoyle, Senior IT Project Manager at Apex Systems.
Brenda Clark, Compliance and Security Manager at NTT America, Inc., said, “The SecurityMetrics Guide to PCI DSS Compliance is a one-stop guide to PCI DSS compliance. This is the best comprehensive guide I’ve found.”
What merchants will find in the 2019 Guide to PCI DSS Compliance
- On page 29, we outline the latest PCI DSS 3.2.1 updates. In May of 2018, the PCI Council released significant clarification to the PCI Data Security Standard. While none of these changes significantly impact the day-to-day activities of becoming PCI compliant, they are important to understand.
- Our interactive and printable IT checklists at the end of each PCI requirement section have space to track task assignments and completion dates.
- Tips and stories from experienced PCI auditors (QSAs) in every section.
- A milestone-based reading guide chart that follows the PCI Security Standards Council’s “Prioritized Approach” to PCI compliance. This chart helps merchants focus on the sections that will be most useful to them at whatever stage of the PCI compliance journey they have reached.
Get PCI compliant quickly and simply
Compliance with any mandate takes time and planning. But thousands of customers and readers use our PCI Compliance Guide to make the PCI compliance process faster and simpler, and to better maintain compliance.
Ultimately, our mission is to help merchants close the gaps in their data security and avoid a data breach.