Tag Archives: PCI DSS v4.0
PCI DSS v4.0 – RFC Timeline Update
UPDATE: PCI DSS v4.0 in Q1 2022. The PCI SSC announced that the planned completion date for PCI DSS v4.0 is Q4 2021.
Keeping Track of PCI DSS v4.0
UPDATED AS OF JULY 2021. UPDATE: New Blog on PCI DSS 4.0. Get updates on the status of the PCI DSS review of the 2019 RFC comments, when the final version of PCI DSS is planned to be completed, the timing of the next request for comments (RFC), and information about the RFC feedback the PCI SSC received.
PCI DSS v4.0 Expected Mid-2021
UPDATED AS OF JULY 2021. UPDATE: New Blog on PCI DSS 4.0. Get updates on the status of the PCI DSS review of the 2019 RFC comments, when the final version of PCI DSS is planned to be completed, the timing of the next RFC, and information about the RFC feedback the PCI SSC received. The new blog covers […]
Version 3.2 of the PCI DSS to be Released in Q2, ARE YOU READY?
Payment Card Industry Security Standards Council (PCI SSC), by Viviana Wesley, PCI QSA, ISO 27001 Auditor. The Payment Card Industry Security Standards Council (PCI SSC) will be releasing version 3.2 of the Payment Card Industry Data Security Standard (PCI DSS) in the second quarter of 2016, and it will become effective as soon as it’s published. PCI […]
PCI DSS v3.1 Coming – SSL No Longer Considered Strong Cryptography
Author: Viviana Wesley, PCI QSA. In a recent bulletin, the Payment Card Industry Security Standards Council (PCI SSC) stated that updates will be forthcoming to the Data Security Standard (DSS) version 3.0 – and very soon. The change is related to vulnerabilities seen with Secure Sockets Layer (SSL) cryptography.
PCI and Third Party Security Assurance: The PCI Council’s Guidance Summarized
Author: Viviana Wesley, PCI QSA. Some recent breaches of cardholder data have been the direct result of a successful compromise of a trusted third party to the breached entity. For example, a factor in the well-publicized breach at Target may have been compromised credentials of a trusted service provider with access to the Target internal […]
The PCI Security Standards Council has released a new Information supplement for PCI DSS Risk Assessment Guidelines.
The PCI Security Standards Council has released a new Information supplement for PCI DSS Risk Assessment Guidelines. Organizations planning and performing a risk assessment in accordance with PCI DSS 12.1.2 can use the information supplement to help identify threats and the associated vulnerabilities that could jeopardize the security of payment card data.
PCI Compliance – 96% of victims subject to PCI DSS had not achieved compliance
I’m going to refer to another something in a previous blog, the one about Verizon’s 2012 Data Breach Report regarding PCI Compliance.
PCI Compliance Guidelines: Locking Down Firewall Rules for Active Directory Replication
We all know Windows Active Directory is a great solution to centrally manage users and computers.