The latest research from Verizon shows a lack of compliance with payment card industry (PCI) requirements for securing payment systems.
The article also highlights the importance of ongoing compliance monitoring, particularly after events such as an acquisition.
With regulations such as GDPR due to be implemented, and with cyber attacks increasing in both intensity and number, it is increasingly important to know the level of cyber security, data hygiene and compliance at an organisation that is the target of an acquisition, as non-compliance carries increasingly punitive fines.
Mr Van Oosten said businesses often failed to appreciate the importance of rescanning their systems after significant changes, be that introducing new equipment, updating apps or even buying another company. “One major hotel chain that was a customer of Verizon used to be PCI compliant, but failed because it bought a newer hotel chain that took two-and-a-half years to get compliant,” he said.