Five Challenges to Continuous PCI DSS Compliance
As the Payment Card Industry Data Security Standard (PCI DSS, or PCI) becomes more widely adopted in both the United States and Europe, organizations face five major challenges when navigating the PCI compliance landscape:
- Misunderstanding what the term “PCI compliance” means in a given context
- Treating PCI compliance as an audit process rather than a private industry standard
- Scoping PCI compliance too broadly
- Treating PCI compliance as a single-point-in-time, rather than ongoing activity
- Failing to use automated tools to generate evidence of continuous compliance
This white paper discusses these challenges in-depth, along with their implications. It also provides a plan of action that organizations subject to PCI can take to address compliance needs.