Cyber insurance and security standards are essential for countless businesses to prevent fraud and major financial loss. Find out what you need to know about PCI compliance and cyber insurance to make the best decision for your business.
In the second half of 2021, hackers demanded $1.37 million dollars in exchange for sensitive financial information that they stole – which was accessed because of a lack of security.Â
This is just one example of why both payment security standards like PCI DSS and cyber insurance exist. But why are they both important for your business? And what do you need to do about them? Let’s find out.
What is PCI compliance?
Big surprise: the credit card industry doesn’t like having to hand over hundreds of millions of dollars of reimbursement payments due to credit card fraud or stolen information.
So to both protect credit card users and to prevent having to pay out more money to reimburse victims of credit card fraud or financial theft, the credit card companies and banks involved have set up a set of security standards for all merchants that accept credit cards. These standards are known as Payment Card Industry Data Security Standard, or PCI DSS.
We at Progressive Payment Solutions covered this subject extensively in a past blog all about PCI compliance where we talked about what PCI compliance standards are, how to become PCI compliant, what the benefits are, and the consequences when a merchant isn’t PCI compliant.
One point we are carrying over from our previous article is that the merchants can be financially responsible for data breaches if they’re not PCI compliant, along with having to pay fines and fees from potential legal action taken against them. Remember, any business who accepts credit cards legally must meet PCI DSS.
So how does this affect cyber insurance coverage? We’ll get into that next.
Does cyber insurance cover non PCI compliance?
Cyber insurance is there to protect and shield a merchant from the financial liability of a data breach. Sensitive customer information like credit card numbers, account numbers, and even Social Security numbers or health records are all sought after by criminals to commit fraud or theft.
If this sensitive information is leaked as a result of a business not being PCI compliant, that business can be liable for reimbursing the consumer, along with assessments, penalties, or fines imposed because of non-compliance of PCI standards or from company rules of the card payment industry.
Cyber insurance can provide coverage for these costs that result from not implementing security standards, with another of different insurance companies offering businesses this type of protection.
Depending on the industry and the volume of transactions, a business may be wise to opt for cyber insurance. To help understand the level of PCI standards your business is responsible for, you can use this self-assessment questionnaire to gain valuable insights into what is required of your business–including the level of risk you face.
Is PCI compliance required for getting cyber insurance?
It is not a requirement to be PCI compliant in order to receive cyber insurance coverage for your business, since cyber insurance can cover a business for fees and damages for not being PCI compliant.
However, insurance is there in case a mistake is made or something goes wrong. Therefore, cyber insurance is no substitute for following the proper security standards in the first place.
As the saying goes: an ounce of prevention is worth a pound of cure. That’s why we at PPS help clients meet PCI DSS standards to prevent liability issues from taking place in the first place. Contact us today to get help with becoming PCI compliant.
Summary
PCI security standards and cyber insurance are there for the same reason: for protection. However, PCI compliance protects a business from problems happening in the first place by making sure security requirements are met. If there is an event that causes a data breach, cyber insurance can cover the costs associated with fines and penalties.
It’s always best to make sure your business is PCI compliant to avoid problems, fines, and fees. Progressive Payment Solutions (unlike most other payment processors) helps clients meet these standards. Start meeting PCI standards today by contacting PPS. We offer the lowest processing rates in the industry while offering service no one else can match.