Category Archives: PCI Compliance

Viviana Wesley of HALOCK Security Labs and Justin Evans of the University of Iowa will be presenting at The Payments Academy Annual Conference, held May 7-10, 2023, in Indianapolis, Indiana. Registration details are available on the website.

(more…)

We’ve compared the version 3.2.1 to version 4.0 Self-Assessment Questionnaires.

Join Viviana Wesley to learn about the differences in SAQ types, A, A-EP, B, B-IP, C, C-VT and P2PE.

(more…)

In version 4.0, all periodic cadence requirements must be justified with a targeted risk analysis. Also, if the customized approach is used to validate compliance with a requirement, a targeted risk analysis must be performed.

(more…)

There are 14 new requirements that are effective immediately for any PCI DSS 4.0 validation. Join Viviana Wesley for a deep dive into these requirements so your organization can start working on these right away.

(more…)

There are 51 requirements that are best practices until March of 2025. Some will be process related and some will require technology or program changes.

(more…)

PCI DSS v3.2.1 expires on March 31, 2024. Organizations should now be planning their transition to PCI DSS v4.0. With 64 new requirements in PCI DSS v4.0, companies have a lot to consider in preparation for the coming deadline. In our 5-part PCI Webinar Series, learn about the general changes to 4.0, new requirements, best practices, and how an increased focus on risk evaluations in this new version will be a driving force for security and compliance. Register for the first session and view details of the other four webinars below.

Managing your security program is challenging, especially with compliance requirements evolving.

Here is a quick overview of the regulatory landscape for 2023. This reference provides links to the law or rules. It also includes references to help you make informed decisions on priorities, resources and technology to manage your risk.

(more…)