Press Release

ControlScan and MAC Release SMB Payment Security Survey Findings

New report based on 2019 research shows continuing need for cybersecurity awareness, education

ATLANTA, Mar. 12, 2019 - ControlScan, a leader in managed security and compliance solutions that help secure networks and protect payment card data, has released a new payments industry research report in collaboration with the Merchant Acquirers’ Committee (MAC). Among its findings, the report shares startling information surrounding how small and mid-sized businesses (SMBs) understand and respond to cybersecurity risk.

SMB security has been a longstanding focus of the payments industry, as these businesses represent greater risk for merchant service providers (MSPs). Despite more secure point-of-sale systems and transaction methods, human error outside of those systems is still frequently exploited. Everyone has a role in keeping payment data secure, and MSPs strive to reinforce this message with their SMB merchants.

“ControlScan and MAC regularly collaborate on payments industry research, because reduced business risk for industry stakeholders is our shared goal,” said Chris Bucolo, Vice President of Market Strategy, ControlScan. “The SMB feedback we gathered from this survey—coupled with our recommendations—represents our commitment to deliver information of value.”

One of the most surprising findings to come from the 2019 ControlScan/MAC SMB Payment Security Survey is that 89% of SMBs believe their business is at little to no risk of being breached. The research report examines three key data points leading to this belief, and how each of these are misconceptions.

“In many cases, it truly is a matter of ‘it can’t happen to me,’ until it does happen to them,” said Vadeene Sisk, Education Committee Chair, MAC. “Merchant service providers must continuously communicate with and educate SMBs about the role they play in securing their businesses. Other than a breach, repetition is the only way to get the message across.”

The report, “Cybersecurity Risk, Response and Reward: Findings from the 2019 ControlScan/MAC SMB Payment Security Survey,” is based on data collected from more than 6,500 SMBs in January, 2019. For more information on ControlScan, please visit For more information on MAC, visit


About the Survey

The ControlScan/MAC 2019 SMB Payment Security Survey was conducted in January 2019. The survey was administered online, and email invitations were sent to the SMB merchant bases of three ControlScan partners that had agreed to participate in the study. Direct SMB customers of ControlScan also received a survey invitation. A total of 196,913 businesses received the survey email, and the survey was completed by a total of 6,526 respondents representing small and mid-sized businesses that accept credit/debit card payments.

About ControlScan                                                  

ControlScan managed security and compliance solutions help secure IT networks and protect payment card data. Thousands of businesses throughout the U.S. and Canada partner with us for easy, cost-effective access to the expertise, technologies and services that keep cyber criminals and data thieves at bay. With highly credentialed cybersecurity and compliance experts, 24x7 managed detection and response, advanced endpoint protection, managed UTM firewall services, ASV vulnerability scanning, QSA and HIPAA assessments, security penetration testing, PCI compliance programs and more, we’ve got your back. For more information visit

About Merchant Acquirers’ Committee (MAC)

MAC is an organization of bankcard professionals involved in the risk management side of Card Processing. We have members from banks, ISOs, card associations and others related to the risk management side of the industry. MAC’s mission is to strengthen the payment ecosystem through ongoing education, communication and cooperation among acquirers, card brands and enforcement agencies. For more information, visit