Preventing the Common Lot of Retail ‘Breachiness’

The main goal is to stop thinking of compliance as a temporary concern. The requirements weren't created for the sake of passing annual compliance audits, but to give organizations an idea of how to protect cardholder data. "PCI DSS should be seen as a set of minimum standards — a compass, not a road map," states the 2014 Verizon Report. Organizations should focus on the proper performance of their security policy components and their adoption as "business as usual." Streamlining compliance is hard work, but it must be done on a daily basis.