However, this seems to have come at a significant and growing cost. The National Retail Federation (NRF) estimates that over a $1 billion has been spent on PCI compliance. Gartner reported a five-fold increase in the cost of PCI compliance over an 18-month period. When you factor in breaches, the cost swings upwards even faster. According to the Identity Theft Resource Center (ITRC), the number of data breaches has more than tripled between 2005 and 2009.

So what does this all mean? At some level the statistics suggest the cost of compliance outweighs the benefits. In other words, PCI compliance is still just a checkbox and doesn't actually equate to stronger security for cardholder data. That belief crops up time and again in compliance blogs and forums.

What is needed, it seems, is a technology based solutions that can:

* Streamline audits and reduce the cost of compliance.