Recently, SVB held a webinar on the Payment Card Industry (PCI) risks and compliance. Given all the media attention to recent security breaches, we weren't surprised by the overwhelming interest in the topic. We had a high number of participants and great questions in our Q&A session. It seems every company wants to know if their data is safe–for good reason.
Info Security Magazine named 2014 the year of the data breach, and we do not expect the number of breach events to go down any time soon. With more people online and data in the cloud, predictions are that these incidents will keep escalating. The number of exposed records jumped significantly in 2013 and 2014 with a number of large merchants affected. The reported number of data breaches probably doesn't account for the small merchant space. So smaller-sized businesses may feel their risk is limited. The scary reality is that small and mid-sized merchants are hackers' low-hanging fruit–easy targets compared to the big or national retailers.
Breach concerns can keep smart business owners awake at night with fears of what they'll lose if they suffer a security breach. According to FirstData in 2014, the average breach costs business owners about $36K. Forrester concluded that 70% are caused in some way by employees–either with malice or negligence. Unfortunately, 60% of affected businesses fail within six months of a cyber-attack per foxbusiness.com.
I'm not trying to scare you with these stats, but they point out why every merchant client needs to be PCI compliant. The PCI Security Standards Council–an organization formed by the card brands–created the PCI Data Security Standard (DSS) to help merchants safeguard client information. Any merchant that stores, processes or transmits customer card data must comply with PCI DSS standards on an annual basis. SVB is prepared to help our clients achieve compliance so they can sleep better at night.
Our PCI Program comes with great benefits offered through our vendor, ControlScan®. They include $100K in data breach protection and Application Replacement Coverage of up to $15K to update breach-impacted systems. Dealing with the impacts of a security breach can be overwhelming. Forensic audits–which are like a crime scene investigation–are costly and time consuming. There may be compliance fines, sales and productivity loss and, of course, brand damage! The program limits liabilities such as compliance fines and covers customer credit/debit card replacement costs which would not be covered without PCI certification and would fall on the merchant.
Visit ControlScan's website at controlscan.com/svb to learn more. The website and self-assessment questionnaire (SAQ) provide you with leading tools and the support necessary to analyze, remediate and validate PCI compliance. Once you're validated, ControlScan will provide you with your Certificate of Compliance and submit proof of your compliance to SVB.
We're Here to Help
We are a guide and ally for our clients. Please call our Merchant Services Customer Care Team 24/7 at 1.888.288.2692 with any questions about PCI compliance and about Merchant Services in general.
This material is provided for informational purposes only. The conclusions expressed are based upon limited information available to Silicon Valley Bank regarding your company's fraud detection and prevention programs, and should not be seen as a substitute for obtaining your own independent assessment of such programs. The security of your operating system and your procedures for conducting banking transactions with us remains your responsibility. Silicon Valley Bank is not responsible for any cost, claim or loss associated with your use of this material.