Skip to the main content.
Contact
Contact

PCI DSS V3.2 Is Almost Here!

PCI DSS V3.2 Is Almost Here!

The PCI Security Standards Councils confirmed last week that the updated version of PCI DSS (v3.2) will be released at the end of April 2016. The current version (v3.1) will expire in October 2016. Organizations currently assessing under PCI DSS (v3.1) will be allowed a transition period.

All key dates and milestones to be aware of for this year’s updates are shared in this article.

An earlier high level discussion covering the new update can be found here.

Some of the significant high level changes: • The SSL and early TLS sunset extension • Multifactor administrative access to cardholder data environments • The inclusion of the Designated Entity Supplemental Validation (DESV) requirements • New reporting requirements for service providers

We will conduct our usual detailed page-by-page word-by-word analysis of the changes and impacts as soon as the standard is published. Stay tuned.

Control Gap Vulnerability Roundup: March 4th to March 10th

Control Gap Vulnerability Roundup: March 4th to March 10th

This week saw the publication of 493 new CVE IDs. Of those, 58 have not yet been assigned official CVSS scores, however, of the ones that were,...

Read More
Control Gap Vulnerability Roundup: February 25th to March 3rd

Control Gap Vulnerability Roundup: February 25th to March 3rd

This week saw the publication of 442 new CVE IDs. Of those, 258 have not yet been assigned official CVSS scores, however, of the ones that were,...

Read More
Control Gap Vulnerability Roundup: February 18th to February 24th

Control Gap Vulnerability Roundup: February 18th to February 24th

This week saw the publication of 326 new CVE IDs. Of those, 258 have not yet been assigned official CVSS scores, however, of the ones that were,...

Read More