The Payments Academy 2024 theme is ‘Fueling Success’. This event covered a variety of topics in payment trends, payment technology, and PCI compliance.
HALOCK again partnered with the University of Iowa this year and presented best practices and approaches for implementing the new PCI DSS v4.0 requirements.
Understanding and Managing Requirement 12 in PCI DSS 4.0
Requirement 12 in the PCI DSS applies in some way to all organizations validating compliance with the PCI DSS. The latest release of PCI DSS added 13 new requirements, which include two types of Targeted Risk Analysis (TRA), changes to hardware and software maintenance, new PCI scoping requirements, updates to security awareness training, and additions to the Incident Response Plan (IRP) to help organizations maintain compliance. In addition, the new third-party service provider (TPSP) requirements should hopefully ease the burden merchants have previously faced in collecting third-party service provider compliance evidence. This comprehensive session offered a QSA’s interpretation and guidance on the requirements in section 12, as well as practical examples of how universities have addressed some of these challenges.
Download the presentation deck from the event:
SPEAKERS:
- Justin Evans, MBA, PCIP, CPC, CPC-I, COC, Senior IT Security Architect, University of Iowa Information Security & Policy Office
- Viviana Wesley, PCI QSA, CISM, ISO 27001 Auditor, Principal Consultant, HALOCK Securities Labs
DATE & TIME: Sunday, May 5, 2024 | 10:00-11:00am
LOCATION: The Westin Indianapolis