CHARLOTTE, North Carolina – (COMMERCIAL THREAD) –PCI Pal (LON: PCIP) – If there is one word that is engraved in our heads during the pandemic, it is “unprecedented”. And while we’ve seen plenty of new challenges appear, they don’t seem to be going away anytime soon and will likely increase in number and complexity. With the WFH still being the norm for many businesses, 2021 should have been the year companies consolidated their digital practices, ensuring that security was built into every process given the ever-changing news around data breaches. However, it is clear that there is still a lot of work to be done and as we move into 2022 and the unprecedented situation continues, expectations are set. Consumers want businesses to make sure their payments are secure, and businesses need to have a concrete game plan in motion to make consumers feel safe. With that in mind, PCI Pal CISO Geoff Forsyth presents his forecast and considerations for the New Year:
- Stop fearing the unknown and focus on existing threats. Next year, we shouldn’t be focusing on finding new forms of fraud, but rather changing and re-emerging existing iterations. As card payments are further behind non-present cards, payment web pages are more likely to be compromised by good old-fashioned third-party scripts or attacks. 2021 saw an abundance of new payment processes emerge, but among these new providers we saw a clear lack of security expertise, which allowed fraudsters to use old tricks to attack vulnerable buyers. As more and more payments are made online, the wider the landscape for scammers to attack.
- Businesses need to reset and reassess their security policies this new year. Security in industries such as IT and finance needs to be reviewed consistently, to ensure the basics of the business are covered. In the first months of 2021, infrastructure suddenly became a visible and critical goal for businesses as teams scrambled to enforce old practices under new restrictions, uncovering new challenges and threats along the way. As society continues to digitally advance and the urgency to meet security needs continues to grow, businesses need to reset and reorganize. Companies were rushing to restructure their old strategies, but in their rush safety precautions could have gone down the drain.
- The main security risk for payments lies in the different types of payments that merchants choose to accept from their customers. While there will always be new fixes, protocols, and plans for security, the overall problem remains largely unchanged. So, instead of addressing new concerns with new solutions, companies must first implement the proven security foundations that can still protect against many vulnerabilities and attack vectors. One security risk measure that deserves careful consideration by all companies is the OWASP Top Ten.
- Cryptocurrencies will still be an attractive and exciting option for some companies and brands, but they will not be of interest to governments. While it’s easy for businesses to ignore the implications of the processing resources consumed and the decentralization of currency, governments have yet to embrace it – many even ban cryptocurrencies in various types of transactions.
You can look at financial fraud like weeds in the garden: Weeds grow slowly over time, killing the life of smaller, less resistant plants until they get too big and noticeable. Even though the roots of this weed are completely destroyed, the seeds of other invasive or parasitic species remain and the garden remains a haven of nutrients to steal. Similar to weeds, fraud will always be present, and while government attacks on major criminal networks can disperse or stop large numbers of frauds, they do not make the problem go away. Our solutions to mitigate fraud have been tentative, as the problem keeps getting more and more vicious. In 2022, it’s time to take cybersecurity seriously – there are no more excuses.
Contact PCI Pal today to find out how our secure payment solutions can protect customer data and your business from all that 2022 has to offer.
About PCI Pal:
PCI Pal® is a leading provider of SaaS solutions that enable businesses to accept payments securely, adhere to strict industry governance, and shield their business from the significant risks posed by non-compliance and data loss. Our mission at PCI Pal is to preserve reputation and trust by providing our customers with secure payment solutions for non-present cardholders for contact centers and businesses.
Our products secure payments and data in any business communications environment, including voice, chat, social media, email, and contact center. We are integrated and resold by some of the world’s leading providers of business communications, as well as the leading payment service providers.
The entire product base is available on our global cloud platform hosted in Amazon Web Services (“AWS”), with regional instances across EMEA, North America and ANZ. PCI Pal products can be used by organizations of all sizes around the world, and we are proud to work with some of the world’s largest and most respected brands.
For more information, visit www.pcipal.com or follow the team on Linkedin: https://www.linkedin.com/company/pci-pal/