NZ 'lagging behind US and UK' in data security
A leading data security assessment company says that New Zealand businesses are becoming "soft targets" for malicious hackers because they are lagging significantly behind the US and UK in achieving compliance with the Payment Card Industry Data Security Standard (PCI DSS) introduced by the Payment Card Industry Security Standards Council (PCI SSC).
Roger Greyling, an experienced security consultant with Security-Assessment.com (a Dimension Data company), says that unlike the USA where companies are required by law to disclose details of data security breaches, and the UK, where internet service providers and telecommunications companies are required by law to disclose data breaches under the current European Union data protection directive, no such legislation exists in Australasia.
"Currently the focus is on the clean-up of data security breaches rather than prevention. There has been no impetus for businesses to reveal data exposures and minimal fines imposed, which means there is limited incentive for businesses to comply with the PCI DSS."