UPDATED AS OF JULY 2021
UPDATE: New Blog on PCI DSS 4.0
Get updates on the status of the PCI DSS review of the 2019 RFC comments, when the final version of PCI DSS is planned to be completed, the timing of the next RFC, and information about the RFC feedback they received. The new blog covers the timing of supporting documents, the transition between PCI DSS v3.2.1 and v4.0, an explanation of “future-dated requirements,” development and transition timelines for the project, and more.
The PCI SSC just announced that the final version of PCI DSS v4.0 won’t be published until 2021 and won’t be required for 2 years after the publication date.
PCI DSS Requirements
- PCI DSS Requirement 5.4.1: Anti-spoofing controls such as Domain-based Message Authentication, Reporting and Conformance (DMARC), Sender Policy Framework (SPF), and DomainKeys Identified Mail (DKIM) can help stop phishers from spoofing the entity’s domain and impersonating personnel.
Learn more about Penetration Testing and new exploits in HALOCK’s Exploit Insider.
PCI Targeted Risk Analysis & DoCRA
https://www.halock.com/pci-compliance-new-requirements-and-targeted-risk-analysis/
HIPAA & Penetration Testing & Incident Response Plans
Top Threats in Healthcare
https://www.halock.com/top-cyber-threats-in-healthcare/
Cloud Security Risk Management
https://www.halock.com/prioritized-findings-and-remediation-in-cloud-security-reporting/
Penetration Testing Reports to Manage and Prioritize Risk
https://www.halock.com/a-threat-based-approach-to-penetration-test-reporting/
Learn how Duty of Care Risk Analysis (DoCRA) can help you achieve reasonable security:
What is Duty of Care Risk Analysis (DoCRA) for Cybersecurity?
What is Duty of Care Risk Analysis (DoCRA) for General Counsel?
What is Duty of Care Risk Analysis (DoCRA) for Regulators?
What is Duty of Care Risk Analysis (DoCRA) for Auditors?
What is Duty of Care Risk Analysis (DoCRA) for Executives?
What is Duty of Care Risk Analysis (DoCRA) for Risk Managers?
