Small businesses are under attack and here are just some of the facts:
¢ Eighty-Five percent (85%) of payment card breeches occur at small businesses
¢ Eighty-One percent (81%) of organizations subject to PCI DSS had not been found compliant prior to the breach
¢ Eighty Three (83%) of attacks were not highly difficult to perform
¢ Serious breaches can incur fines ranging from $5,000 to $25,000 every month until compliance is achieved. In addition, audit costs and loss of business if payment processing is halted.
It was only a matter of time before the bleeding of large corporations due to cybercrime would be passed on to the consumer.
There are several laws already enacted, which protects the private and personal information of the consumer, however; most of the laws have not been actively enforced, until now. Moreover, you do not have a choice, you comply with the Federal Trade Commission (FTC) and/or the Payment Card Industry Data Security Standard (PCI DSS), or if breached and found non-compliant, you can expect fines significant enough to cripple or put you out of business.
Unfortunately, computers were not built with security in mind they were built for processing. In addition, the consumer will chose convenience over security making it even more difficult to protect and secure your online activities. So, in an unprecedented move the major credit card companies got together to come up with the protocol they felt necessary to combat the exponential growth of credit card fraud, and the FTC came up with a set of standards to combat identity theft called the Red Flag Rules.
