Retailers, and really anyone that accepts credit card payments, are obligated to be compliant with the Payment Card Industry Data Security Standard or PCI-DSS. Depending on the size of your organization, you may even be obligated to be independently audited by a PCI Qualified Assessor. Either way, PCI compliance can be complicated, difficult to understand, and potentially costly. However, the cost of a data breach is much higher.
The consequences for non-compliance are huge. First, 60% of small businesses that experience a data breach go out of business soon thereafter. The reason this happens is pretty clear given the impact to a business of a data breach. In the event of a breach your credit card processor won't allow you to accept credit cards; you will be financially liable for the breach; you could be sued for negligence; your name will be published in the news announcing the breach; you will lose customers.
Cyber Defense Institute has decades of experience working with PCI and we can help you become compliant. Whether we provide vulnerability management services, training, policy and procedure creation, or manage your entire PCI compliance program, we're here to help provide an independent, security focused approach that meets the needs of your specific business while also protecting it from a potential breach.