Businesses Warned to Get a Grip on PCI DSS 3.0 Before it’s Too Late

By ISBuzz Team
Writer, Information Security Buzz | Jul 14, 2014 05:04 pm PST

Only 10 per cent of British businesses currently comply with the PCI DSS 3.0 standard[1] with less than six months left until it comes into force, warns Cognia. The provider of cloud communications intelligence solutions urges organisations not to underestimate their responsibilities ahead of the 31st December 2014 deadline.

With the release of PCI DSS 3.0, the PCI Security Standards Council wants to bring about a sea change that will involve a “structured, predictable and continuous” approach to PCI compliance. The new PCI DSS compliance standard aims to create an actionable ‘business as usual’ framework that outlines techniques for prevention, detection and response to card detail security incidents.

“Achieving compliance with 3.0 is not to be underestimated,” says Curtis Nash, CEO of Cognia. “Since its 2004 inception, the standard has been presented as 12 key requirements, and each has undergone substantial development. Even if you maintained strict compliance, you may well fall short of what is required now, especially with change to people, processes and systems. 3.0 should be seen by businesses as an opportunity to protect brand and enhance customer experience.”

The TK Maxx breach and the attack on US retailer Target have instigated a need for a wider, more holistic approach to PCI. Many of these enhanced standards focus on employee education and awareness: eliminating the use of default passwords and the writing down of payment card details, stopping access to phishing scams, and ending failures to use approved encryption methods. This comprehensive compliance ideology also comes with a need for regular testing of systems – something that historically has required increasing amounts of time, money and expertise.

About Cognia

Cognia is a leader in the provision of cloud-based communications and interaction intelligence solutions for enterprises and service providers. A single platform provides secure capture, storage and analytics solutions for multi-channel communications, including fixed-line and mobile, as well as all IP communications.

Cognia’s solutions include cloud-based call recording, the world’s first QSA-validated, PCI DSS Level 1 service on a secure global cloud platform and interaction analytics that form part of its communications intelligence suite. This replaces the high upfront capital and support costs of on-premise systems, with the flexibility to lower TCO to a level never before possible with traditional solutions.

Cognia’s solutions are used worldwide by 100 financial institutions, contact centres and service providers including Vodafone. Cognia has over 28 million media assets under management in its cloud.


[1] Verizon 2014 PCI Compliance Report, page 6