Industry Leaders Reveal True Cost of PCI Compliance

  NEW YORK, NY, Jan 15 (MARKET WIRE) -- 
 Today at the National Retail Federation (NRF) Annual Convention, Solidcore(R)
Systems, Inc., Emagined Security, and Fortrex Technologies announced the
availability of a new report analyzing the costs of achieving and sustaining
compliance with the Payment Card Industry Data Security Standard (PCI-DSS). 
The report entitled "PCI Compliance Cost Analysis: A Justified Expense"
reveals that the cost for merchants and service providers not meeting the PCI
requirements can be 20 times greater than the cost of proactively becoming
compliant.

    Solidcore Systems, Emagined Security and Fortrex Technologies identified
three main
categories of costs to provide an insider's perspective on the overall costs
associated PCI DSS compliance.  The cost categories are described as:


1) Upgrading Payment Systems and Security Infrastructure,

2) Verifying Compliance (Assessments), and

3) Sustaining Compliance.

    
The report evaluated costs incurred by a Level 1 merchant with 2,000
to2,500 retail locations, and found that the cost of PCI compliance can be
ashigh as $18 million compared to as much as $250 million for not meeting
andsustaining compliance.

    Subsequently, Solidcore and Emagined Security also polled 201 IT and
compliance professionals and found that more than half (57 percent) of the
respondents admitted their organization either experienced or did not know if
they had experienced a compliance control deficiency in the last year. This
data revealed a lack of attention toward PCI compliance among most merchants
and service providers.

    "It is no longer enough to simply achieve PCI compliance.  Merchants and
service providers must sustain continuous compliance for the security of
their customers and the integrity of their business," said Bob Vieraitis, vice
president of marketing at Solidcore.  "While the up-front costs of PCI
compliance might initially seem high, following the best-practices of the
PCI-DSS is essential to avoiding the detrimental costs linked to a data
breach, fines from the credit card companies, and revenue loss tied to a
damaged reputation."

    The credit card companies divide merchants into various levels based on
thenumber of transactions processed every year.  While each level is subject to
a
different set of compliance activities, the strictest rules and highest costs
apply to Level 1 merchants (those processing six million transactions or more
annually).  Achieving PCI compliance, avoiding fines imposed by the credit card
companies, and retaining the privilege to accept credit cards requires merchants
and service providers to address approximately 180 individual PCI requirements
in
12 categories. Participating merchants must pay for their own PCI compliance
assessments,and the incremental cost of compliance depends upon the extent to
which a
merchant's infrastructure is already in a compliant or near-compliant state.

    To obtain a copy of the complete report titled "PCI Compliance Cost
Analysis:
A Justified Expense," please visit:
http://www.solidcore.com/learn/pci_report.html.

    About Emagined Security

    Emagined Security is the leading professional services provider for
Information Security & Compliance solutions. Emagined Security empowers
itsclients to help them effectively manage IT risk in today's dynamic
businessenvironment. With deep industry and domain expertise, a proven track
record,
and by employing well known and respected individuals from the Information
Security community, Emagined Security can scale quickly and efficiently to
provide clients with the rapid response required by best-in-class
organizations. Emagined Security's commercial clients cover a wide range of
U.S. and global Fortune 500 organizations, including the financial services,
energy, healthcare, high tech, manufacturing, & insurance industries.
Anticipate, protect, react, and deliver. Emagined Security is your partner in
information security & compliance. For more information, visit
www.emagined.com.

    About Fortrex Technologies

    Founded in 1997 Fortrex Technologies, Inc. has been a market leader in
providing IT Security, Operational Risk and Compliance solutions for over 500
customers in various industry sectors. The Fortrex mission is to be our
clients' long-term, trusted security advisor by ensuring the confidentiality,
integrity, and availability of their data and systems through the provision of
world-class, enterprise-wide information security services and solutions. At
Fortrex, we believe that our unique differentiator is the team of individuals
who are committed to a set of corporate values. These values, Integrity,
Excellence, Empowerment, Teamwork and Thankfulness, are the foundation of all
Fortrex
relationships,including those with our employees, customers and vendors. For
more
information, visit www.fortrex.com.

    About Solidcore Systems

    Solidcore is a leading provider of real-time change and configuration
control software.
Organizations worldwide trust Solidcore to assure compliance with the Payment
Card Industry (PCI) and Sarbanes-Oxley (SOX) standards, to improve service
availability, and achieve faster returns on ITIL and IT service management
initiatives.  Solidcore's S3 Control software helps organizations by tracking
changes to their critical infrastructure in real-time, determining if the
changes
are authorized and blocking unauthorized change.  Solidcore is headquartered
in Cupertino, California.  For more information, visit www.solidcore.com.

    Solidcore is a registered trademark of Solidcore Systems, Inc. in the United
States and other countries. Solidcore S3 Control is a trademark of Solidcore
Systems, Inc.  All other product names, trademarks, and service marks mentioned
herein are the property of their respective owners.

    

Media Contact:
Tony Thompson
Solidcore Systems, Inc.
+1 (408) 387-8444
Email Contact

Copyright 2008, Market Wire, All rights reserved.

-0-