Cybersecurity Insights

Data breaches seem to be a regular feature in the news nowadays, especially since GDPR regulation kicked in last year. This higher frequency of articles announcing newly-hacked-victim-organisations gives an idea of the growing scale of the security problem - a trend that we have been talking and warning about for years.

Organisations particularly at risk of compromise are online businesses - eCommerce websites. In fact eCommerce websites are currently the most targeted type of organisation within the Payment Card Industry - simply because the crime is so much easier to execute. The reward for criminals is not as high as targeting a bank, but the crime is a lot easier to pull and scale too.

PCI DSS (Payment Card Industry Data Security Standard) is a regulation that encompasses any business that touches card holder data. It’s not just confined to a physical retailer you see on the high street; it covers eCommerce environments and contact centers processing payments over the phone too.

The clock is ticking and we are swiftly moving toward the GDPR deadline, with organisations of all shapes and sizes preparing themselves for the new regulations. To help our clients identify the Personally Identifiable Information (PII) and sensitive data that is at the heart of the regulation we've strengthened our compliance services by partnering with data discovery specialists, Ground Labs.

PCI compliance is no easy feat, it can be a challenge to obtain, but results in lasting consumer trust and peace of mind knowing their data is protected. It needs to be approached with a long-term strategy in mind.

In this article, we outline 5 steps you can take to aid in your travel agents PCI compliance.

The General Data Protection Regulation will come into effect in May 2018. It replaces the current Data Protection Act, updating the guidelines on how personal data is processed and held by organisations.