Payment Card Industry (PCI) DSS v4.0
PCI DSS Version 4.0: What is it and why now?
On 31 March 2022, the PCI Security Standards Council (PCI SSC) released version 4.0 of the PCI Data Security Standard (PCI DSS). Version 4.0 replaces the current version, 3.2.1, and is the biggest shakeup to the PCI DSS for years.
The PCI DSS is a set of requirements that any organisation that stores, processes or transmits payment card information is required to adhere to. Should an organisation provide a service that can affect the security of payment card information, they too are obligated to adhere to its requirements.
But why now?
The threat landscape has continued to evolve significantly in recent years, and so the controls that protect payment card information must change with it. The increasing use of cloud-based technologies and the sophistication of attacks are the main drivers for these changes.
Version 4.0 has been developed in partnership with global industry. Over 200 companies have provided more than 6,000 items of feedback to the PCI SSC to create the new standard.
James is a Certified Information Systems Security Professional (CISSP), ISO27001 Information Security Lead Auditor and qualified PCI Quality Security Assessor (QSA) from a multi-industry background. He is experienced in delivering risk-based information assurance projects including PCI-DSS assessments, vCISO engagements, GDPR gap analysis and ISO27001 implementations including ISMS management.
To discuss how the above impacts your business, feel free to get in touch with our team. We provide our clients with pragmatic advice and support to help them achieve a robust and defensible position.