PCI DSS V3.2 Is Almost Here!

Featured Image

The PCI Security Standards Councils confirmed last week that the updated version of PCI DSS (v3.2) will be released at the end of April 2016. The current version (v3.1) will expire in October 2016. Organizations currently assessing under PCI DSS (v3.1) will be allowed a transition period.

All key dates and milestones to be aware of for this year’s updates are shared in this article.

An earlier high level discussion covering the new update can be found here.

Some of the significant high level changes: • The SSL and early TLS sunset extension • Multifactor administrative access to cardholder data environments • The inclusion of the Designated Entity Supplemental Validation (DESV) requirements • New reporting requirements for service providers

We will conduct our usual detailed page-by-page word-by-word analysis of the changes and impacts as soon as the standard is published. Stay tuned.

PCI Compliance & Why You Need to be Compliant

Getting paid is just as important as PCI compliance. Businesses of all sizes rely on cash flow to effectively manage business operations. To ensure...

Read More

1 min read

Why POI Tamper Inspections are so Important

It is amazing to see how many organizations take things for granted in their environment. In the video below, you can see a skimmer device installed...

Read More

This Week's [in]Security - Issue 266

Welcome to This Week’s [in]Security. PCI and payments: Skimmers. Payments: New breaches: Anonymous, DeFi, Ikea. New Ransomware, Major outages,...

Read More