The survey revealed that 75 per cent say there was a high risk of data loss or theft as a result of not knowing where payment data is stored.
Dubai - The global survey of more than 3,700 IT security practitioners from more than a dozen major industry sectors, found that 54 per cent of those surveyed said that their companies had a data breach involving payment data an average of four times in past two years.
Published: Tue 2 Feb 2016, 11:00 PM
Updated: Wed 3 Feb 2016, 10:02 AM
There is a critical need for organisations in the Middle East to improve their payment data security practices to protect against data breaches, a new study has stressed.
The global survey of more than 3,700 IT security practitioners from more than a dozen major industry sectors, found that 54 per cent of those surveyed said that their companies had a data breach involving payment data an average of four times in past two years. Conducted by the Ponemon Institute on behalf of Gemalto, the survey also found that 55 per cent of respondents said that they did not know where all their payment data is stored or located.
With the acceptance of mobile and other new forms of payments expected to double in the next two years, and the study highlighting increasing security risks to payment data and lack of confidence in securing mobile payment methods, it is clear that companies need to do more in terms of security.
"With the increase in data breaches, it is vital that organisations ensure the correct people have access to the data and that their data is encrypted so that they render it useless in the event of a breach," said Sebastien Pavie, regional sales director for the MEA region at Gemalto.
"Organisations are not getting this right - it is clear from the continuous number of exposed records. By implementing a three step approach - encrypting all sensitive data at rest and in motion, securely managing and storing all of your keys, and controlling access and authentication of users - you can effectively prepare for a breach."
The study showed that in the Middle East and South Africa region, around 37 per cent of the companies agreed that their company's security personnel had the expertise to effectively protect their payment data. However, only 42 per cent said that the protection of payment data is a top five priority for their organisation.
Also, around 36 per cent of the companies believe that the security technologies the company has to protect payment data are effective, while 30 per cent said that enough resources are allocated to the protection of payment data.
In addition, the study showed that 66 per cent of respondents in the Middle East and South Africa region feel that the new payment methods such as mobile payments, contactless payments and e-wallets are putting payment data at risk. Around 75 per cent also agreed that there was a high risk of data loss or theft as a result of not knowing where payment data is stored.
Pavie noted that the move to online payment services has definitely enhanced the overall customer experience by providing convenient and instant access to information and resources. He explained that by implementing strong authentication and transaction security, organisations can secure their online environments.
"Having a strong authentication platform is imperative to instilling trust in the customer," he added.
rohma@khaleejtimes.com