(WEB HOST INDUSTRY REVIEW) — Application data security provider Imperva (www.imperva.com) announced on Friday it has released the results of its new security survey that shows consumers should be cautious about doing business with smaller online retailers.
Conducted by the Ponemon Institute on Imperva’s behalf, the international survey is based on the responses of more than 500 businesses with average annual revenues of $5.6 billion.
Key findings include 71 percent of companies do not treat data security as a strategic initiative, yet 79 percent have experienced a breach, 55 percent do not secure Social Security numbers, driver’s license numbers, and bank account details, and consumers are more at risk doing business with smaller companies due to the fact that only 28 percent of smaller companies comply with PCI as opposed to 70 percent of larger companies.
The survey results comes just a little more than a month before the PCI DSS Council’s October 31 deadline to provide feedback to improve the standard’s effectiveness in protecting consumer personal information.
THe inherent value of having a PCI/DSS compliance standard in place has been debated for quite some time. Retailers and payment processors alone have invested $2 billion on security upgrades to comply with PCI, according to Gartner Research.
Despite this, the number of data breaches and cases of credit card fraud has continued to rise since it was enacted in 2005.
Fraud involving credit and debit cards reached $22 billion in 2008 – an increase of $3 billion compared to the previous year, according to Javelin Strategy & Research.
In light of the survey’s findings, Imperva will soon release a set of recommendations for consumers, businesses and the PCI DSS Council to improve the effectiveness of the standard.
