PCI Council Says Threats to Payments Systems Are Speeding Up
Dark Reading
by Arielle WaldmanFebruary 25, 2026
AI-Generated Deep Dive Summary
The PCI Security Standards Council (SSC) has released its first annual report since its founding in 2006, signaling a critical moment for payment card industry (PCI) security. The report highlights the growing sophistication of threats targeting payment systems and emphasizes the need for faster action to stay ahead of attackers. Gina Gobeyn, executive director of the PCI SSC, notes that the council is focused on advancing global payment security through training, education, collaboration, and outreach initiatives. With the pace of change in payments accelerating, the report underscores the importance of global coordination to address increasingly complex threats.
The council’s efforts include continually updating standards and compliance requirements for mobile, data, device, software, and card products across various sectors. To support organizations in meeting these standards, the PCI SSC offers programs to train, test, and qualify them. The report also highlights key milestones, such as expanding its board of advisors to 64 member organizations and launching new regional initiatives like the India-South Asia board. These steps reflect the council’s commitment to transparency and maturity, aligning it with other major regulatory bodies.
Gary Penolver, CTO of Quod Orbis, views the report as a significant milestone for the payment card industry. He notes that payments have evolved from a technical compliance issue to a core business and security concern for global organizations. The report also reveals challenges tied to the rapid pace of innovation and the potential for fragmentation in the increasingly complex payment ecosystem. This complexity introduces risks, such as uneven adoption of new technologies and growing gaps between innovation and security.
As cyberattacks on payment systems become more sophisticated, the council’s focus on collaboration and training is essential to mitigate these threats. With attackers targeting everything from point-of-sale systems to payment card-skimming campaigns, the stakes for global payment security have never been higher. The report serves as a reminder that vulnerabilities in this interconnected ecosystem can travel fast, exposing organizations to significant risks. For businesses and regulators alike, staying ahead of these threats requires continuous innovation and a unified approach to payment security.
In an era where digital payments are a cornerstone of modern commerce, the PCI SSC’s annual report provides valuable insights into the challenges and opportunities facing the industry. By fostering global collaboration and prioritizing education, the council aims to safeguard this critical infrastructure against evolving threats. For readers interested in security, the report highlights the importance of proactive measures to ensure the integrity of payment systems, ultimately protecting both businesses and consumers.
Verticals
securitytech
Originally published on Dark Reading on 2/25/2026