Challenges in Preventing Internal Information Theft

This chapter provides reflective knowledge for security management and contributes insights on tightening the data security processes in meeting Payment Card Industry Data Security Standard (PCI DSS) requirements. PCI DSS is the main standard and requirements set out for storing payment card data. PCI DSS specifies steps which should be taken to ensure payment card data is kept safe both during and after transactions. Tsai explains that the cultural orientation is the degree to which employees are inclined to be actively engaged in the norms, practices and the traditions of a specific organisational culture. The security and crime prevention managers are inclined to treat information security regarding prevention of internal information theft as a complex organisational issue often dependent on software security. Walker et al. argues that police indifference in cooperating with retail managers in combating information theft has greater impact on business organisation than the loss of their business assets.