sites/default/files/styles/max_width_1000px/public/2017-02/Clothing%20Store.jpeg?itok=MqXoTJnW
Data Privacy & Protection

PCI Compliance Achieved

Project Overview
Project Overview

In the world of retail, the risk of payment card fraud and identity theft seems to increase by the minute. As a national retailer, achieving and maintaining cyber security for Payment Card Industry (PCI) compliance is essential to keeping valuable customer information secure.

After continuously struggling to achieve PCI compliance, and a return on their security investments, Concord's subject matter experts were engaged by a national retail client to turn things around through the implementation of a standard and repeatable security and compliance program. More importantly, the client needed a solution that allowed them to spend less time focusing on compliance issues and more time focusing on the core of their business...stores and customers.

Results area
Results

By building a balanced team to address governance, compliance, technology, and business challenges, a multi-year road map and implementation plan was born. As a result, security architectures were re-built to mitigate risk and effective security event monitoring and response services were put in place. Additionally, external PCI compliance relationships were developed to manage expectations (card brands, banks, and insurance companies), coordinate work (external auditors, QSA), and ensure third party security vendors were operating effectively and providing value.

Ultimately, exposure to cyber threats was significantly reduced and PCI compliance was achieved for the first time. This achievement reduced high risk issues by 87%, reduced the overall PCI compliance footprint by 70%, and produced an annual savings of more than $600,000.

Retailers often say 'there is no greater loss than the loss of consumer data.' Thanks to Concord, this retailer's risk has been greatly reduced!

Similar Projects