In recent years, the size and scope of the data breaches that hit major merchants across the U.S. has risen. Unfortunately, there are also a lot of smaller, less impactful breaches that just don't grab as many headlines, but for those merchants, the incidents still pose major problems. For this reason, data security has been at the forefront of the payment processing industry for some time, and merchants may need to do more to hold up their end of the bargain.
Simply by following industry-recommended best practices when it comes to data security compliance, merchants can greatly improve the integrity of their point of sale systems. That, in turn, increases protections for not only themselves and their customers, but payment processors as well.
Nearly 43 percent of merchants said that in 2016, they weren't able to fully protect payment card information stored within their systems on an ongoing basis by following basic PCI DSS compliance, according to the latest Payment Security Report from Verizon. Moreover, retailers were ranked lowest of any industry as it relates to to being able to sustain their PCI compliance. That poses a major threat to customer data, especially because retailers came in below the average for PCI compliance among all industries.
Breaches Pose a Major Threat
Interestingly, the most recent data breach statistics show the average cost of each individual record exposed in these incidents, worldwide, has declined by nearly 11 percent, from $158 last year to $141 this year, according to the latest Cost of Data Breach Study from IBM and the Ponemon Institute. However, the average size of breaches around the globe has increased by 1.8 percent, to more than 24,000 individual records. The math on the average breach shows companies suffering an average-sized breach can face costs of nearly $3.6 million.
Consequently, it's important for businesses to not only invest time and effort in preventing breaches, but also put plans in place to deal with these issues when and if they crop up, the report said.
"Quickly identifying what has happened, what the attacker has access to, and how to contain and remove their access is more important than ever," said Wendi Whitmore, global lead for IBM X-Force Incident Response & Intelligence Services. "With that in mind, having a comprehensive incident response plan in place is critical, so when an organization experiences an incident, they can respond quickly and effectively."
Getting Everyone Onboard
The good news for all involved in the payments industry, however, is investment in security is on the rise, according to research from Markets and Markets. Indeed, the market for payment security measures is expected to more than double over the next five years, from nearly $11.4 billion globally this year to more than $24.6 billion by the end of 2022. Moreover, it's likely that retailers in particular are likely to be a big driver of this investment.
The more merchants can do to assess their payment security needs and investigate the most effective ways to deal with them - including adopting the latest point-of-sale devices to boost the security of every transaction - the better off all involved will be on an ongoing basis.