PCI Council Creates New Cyberattack Resources For SMBs


Aiming to help small businesses protect themselves from payment data theft, the PCI Security Standards Council Small Merchant Taskforce announced Thursday (July 7) that it has developed a suite of payment protection resources geared toward small businesses. The resources are created with simple diagrams and everyday language to take the complexity out of it for small business owners.

Security company Symantec noted that close to half of all cyberattacks around the world last year were against small businesses with less than 250 employees.

“The market has been in desperate need of easy-to-understand payment security resources for small businesses,” said PCI Security Standards Council General Manager Stephen Orfei. “Working with a global, cross-industry taskforce representing merchants, banks, merchant associations, technology and service providers, and other small merchant partners, we’re pleased to provide practical guidance to small businesses on how they can start protecting themselves against cybercriminals.”

The resources include a guide to safe payments, real-life pictures of merchant payment systems, questions for merchants to ask their technology and service providers, as well as a glossary that takes the jargon out of the technical payment terms. Interested parties can download the digital toolkit from the PCI Council website. The goal is to provide the ability for merchants, banks, payment processors and merchant vendors to have a common understanding of why and how to protect against payment data theft.

In conjunction with the new resources for small businesses, PCI Council also announced some of the partners for this initiative, including Barclaycard and the National Restaurant Association.

“Small businesses can use these materials to make informed decisions about applying basic security to protect cardholder data and also improve their general security stance,” said taskforce co-chair Michael Christodoulides, VP, Payment Security, Global Payment Acceptance at Barclaycard. “The materials also include basic guidance and some simple questions to ask a potential new supplier that can be quickly absorbed and acted upon, ideal for small businesses.”

Meanwhile, David Matthews, General Counsel at the National Restaurant Association, who is also a co-chair of the taskforce, said the initiative will enable the restaurant industry to know and understand the best practices needed to protect against data and payment attacks.