Last year, I wrote about the Verizon Payment Security Report saying it was ”Not Just for PCI.” Verizon liked that post enough to include its introduction in this year’s version. This recognition was a wonderful surprise. Like last year’s report, the 2020 publication goes well beyond PCI in its information and recommendations.
While PCI DSS forms the foundation of these reports and informs their content, the guidance is broadly applicable, and they could easily be rebranded as “data security” reports. I hope everyone responsible for data security takes the opportunity to not only read this year’s report but to also download the reports from prior years. Each report builds on the previous foundations, and the 2020 report provides an overall success strategy for CISOs and information security leaders.