Today the PCI Security Standards Council (SSC) announced a significant advancement in its efforts to foster small-business cybersecurity: A set of payment protection resources that acquirers can use to educate and empower the small merchants they serve to fight cybercrime.
My colleague Tim Thomas and I were honored to be a part of the taskforce responsible for this effort, which reflects the continuing evolution of PCI toward daily attention to data security and risk assessment.
Practical Advice on Assessing and Mitigating Breach Risk
From my perspective, the PCI SSC Small Merchant Taskforce was all about creating a better understanding of the real risks that go along with the method(s) merchants rely on to process payment transactions.
Our aim was to provide practical advice on how to not only assess, but also to mitigate breach risk.
The taskforce was focused on collaboration, making sure our process included merchants and franchise groups who understand the challenges in the world of small business.
As a group, we understood the need to overcome the perception that breaches only happen at big, name-brand companies and not in everyday, Main Street America.
Embracing These New Resources
In order to be effective, the information and practical advice contained within the PCI Payment Protection Resources must be embraced and shared extensively throughout the payments world.
The entire payments and security communities need to coordinate efforts to make sure small businesses know these risks are real, and provide hands-on education and assistance as needed.
There is plenty of evidence that by taking practical steps and, in some cases, making cost-effective security and compliance investments to address the real risk, many of the breaches we see today could be prevented.
Sure, the small merchant world is a big challenge, but I believe our taskforce deliverables are a strong step in the right direction. Begin utilizing your new PCI Payment Protection Resources.
Want to learn more about how your ISO/Acquirer business can digest and apply this wealth of information? Be sure to subscribe to this blog for additional tips and webinar announcements.