I know if you read this blog regularly that I harp on this particular subject with frequency. This is not the result of recurring writer’s block or a lack of new materials to write about. It is simply that no matter how often I write about this, I continue to hear small business owners still on the same script they were on when the PCI DSS (Payment Card Industry Data Security Standard) first became an industry requirement. We’re going on four years here now with little to no change in attitudes towards PCI Compliance. Even the common misconceptions about the PCI DSS remain virtually unchanged. So I can only conclude that I haven’t written enough about the reality of cyber theft and the threat it poses to small merchants in particular.
Merchants tend to typically underestimate the risk of being breached because the only time you hear about a data breach on the news is when a large company is the victim. Small business owners are particularly susceptible to this error in perception thinking that, since they rarely if ever hear of a small business being hacked, then the incidence of small business breaches must be rare as well. They also tend to suppose that hackers only scope out national or international businesses with high revenues and large customer bases. In actuality, this is a gross error in judgment, the opposite of which is true.
An assistant director for the FBI’s Cyber-crime Division was quoted recently, speaking of how prolific and wide-spread credit card data theft is, despite the lack of regular news stories about it. The FBI agent said that there are innumerable high dollar thefts that don’t make the news. Now reader, please, pay close attention to this next part. The reason hackers are gravitating towards small businesses is that over the past decade, the huge merchants and financial institutions have been actively working towards creating the least vulnerable computer networks money can buy, and it is paying off. While the hackers and the cyber security software engineers are in a constant battle of technology development, constantly responding to each others’ innovations with more innovation, the big national companies have attained a state of perpetual high computer network security. This leads the hacker in search of a target to pass on the daunting task of penetrating the most advanced computer security systems on the planet, and poach on some of the smaller and infinitely more vulnerable small business owner.
Don’t wait any longer, make your business PCI Compliant today. Visit our homepage to find out how you can attain PCI compliance for your business, absolutely free!