PCI DSS compliance doesn't guarantee security, but half of PCI certified companies aren't compliant which does indicate vulnerability to cyber-attack. "It's not a project, it's a programme - something you need to maintain."
Today second hand games and electronics store CeX reported that it had been the victim of a massive data breach, issuing a statement to customers saying, "We have recently been subject to an online security breach."
The UK government has issued a range of guidelines designed to ensure vehicle design includes cyber-security at all stages of development.
UK proposes new data protection regulation in line with GDPR for a post-Brexit world, including right-to-be-forgotten, heavy fines, and new rules on data gathering - expected in Autumn.
SC's Tony Morbin visited Arriva Trains Wales in its Cardiff office to find out how the Welsh trains company was tackling attacks on its network.